I need to connect to a host with a dynamic IP address.
Every time its IP changes, SSH prompts me the fingerprint validation thing:
The authenticity of host '...' can't be established.
RSA key fingerprint is ....
Are you sure you want to continue connecting (yes/no)?
Would it be possible to pass SSH the host public key, so that:
- SSH validates the host's authenticity automatically
- The host key is not stored in the known_hosts file
This question differs from How can I avoid SSH's host verification for known hosts? since that other questions aims to suppress SSH validation, while I do not want to suppress it: I do want to have the host authenticated, just using the host's public key (which I know, and have it stored in a file) rather than SSH known_hosts
file.
To me the other question seems to be about connecting to a different server every time, rather than connecting to a single well-known server with a dynamic IP.
Best Answer
The best solution (ie. closest to what I want) I could find is to use the option
HostKeyAlias
: it will use an hostname I specify to accessknown_hosts
(rather than the IP I'm connecting to).I will need to add the host's public key to
known_hosts
using a given hostname (eg:myhost
) and then connect to it using: