How to disable Host key verification failed checking in ssh

I want to disable strict host key checking in ssh. When I run

ssh -i ~/.ssh/unlock_ssd -p 22 -o "HostKeyAlgorithms ssh-rsa" root@10.0.0.5

I get

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:key 
Please contact your system administrator.
Add correct host key in /home/raj/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/raj/.ssh/known_hosts:42
  remove with:
  ssh-keygen -f "/home/raj/.ssh/known_hosts" -R "10.0.0.5"
Password authentication is disabled to avoid man-in-the-middle attacks.
Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.
To unlock root partition, and maybe others like swap, run `cryptroot-unlock`.

How do you disable strict host key checking in ssh on Linux ?

Pass the -o "StrictHostKeyChecking no" option to the ssh command. For example:

ssh -i ~/.ssh/unlock_ssd -p 22 \
-o "StrictHostKeyChecking no \
-o "HostKeyAlgorithms ssh-rsa" \
root@10.0.0.5

Edit the ~/.ssh/config file and append to Host:

     StrictHostKeyChecking no

For instance:

Host ls.www-1
  Hostname 1.2.3.4
  User ubuntu
  IdentityFile ~/.ssh/id_ed25519.pub
  StrictHostKeyChecking no

See the following for more examples

What is StrictHostKeyChecking?

From the ssh_config man page:

        If this flag is set to yes, ssh(1) will never automatically add host keys to the ~/.ssh/known_hosts file, and refuses to connect to hosts whose host key has changed.  This provides maximum protection against man-
         in-the-middle (MITM) attacks, though it can be annoying when the /etc/ssh/ssh_known_hosts file is poorly maintained or when connections to new hosts are frequently made.  This option forces the user to manually
         add all new hosts.

         If this flag is set to “accept-new” then ssh will automatically add new host keys to the user known hosts files, but will not permit connections to hosts with changed host keys.  If this flag is set to “no” or
         “off”, ssh will automatically add new host keys to the user known hosts files and allow connections to hosts with changed hostkeys to proceed, subject to some restrictions.  If this flag is set to ask (the de‐
         fault), new host keys will be added to the user known host files only after the user has confirmed that is what they really want to do, and ssh will refuse to connect to hosts whose host key has changed.  The
         host keys of known hosts will be verified automatically in all cases.
1 Like

Linux sysadmin blog - Linux/Unix Howtos and Tutorials - Linux bash shell scripting wiki