How to Add an SSH Fingerprint to Your known_hosts File in Linux

Let’s say you’ve written a bash script that scans all of the Linux servers in your data center for uptime. Such a file might contain the following contents:

ssh "$1" "uptime"

When you run your script, it might get foiled by an issue where it’s stopped by a server that has yet to have its SSH key fingerprint added to the known_hosts file. When this happens, your script is rendered useless.

SSH key fingerprint

What’s an SSH key fingerprint? Simple: The key’s fingerprint is verified when you try to log in to a remote computer using SSH. When you log into an SSH server for the first time, you’ll see something like that shown below.

Logging into an SSH server for the first time. Image: Jack Wallen

If you don’t accept the fingerprint, the connection will be immediately broken. So what happens when you’re working with a bash script that cannot accept input in order to okay the addition of the remote SSH fingerprint?

Fortunately, the developers of SSH thought of this and added a command that allows you to easily add SSH fingerprints to the known_hosts file.

Adding the fingerprint

I’ll demonstrate adding the fingerprint from a remote server to a local machine. Let’s say the remote server is at 192.168.1.162. To add that fingerprint, the command would be:

ssh-keyscan -H 192.168.1.162 >> ~/.ssh/known_hosts

The command will run and add the remote SSH fingerprint to the local machine without your input, as shown below.

How to run and add the remote SSH fingerprint to the local machine. Image: Jack Wallen

So an addition to the bash script might look like:

ssh-keyscan "$1" >> ~/.ssh/known_hosts

The above addition would take the argument from the command (say, for example, ./script 192.168.1.118) and add the fingerprint to ~/.ssh/known_hosts before it then moves to the next line, thereby avoiding the missing SSH fingerprint issue. Of course, the above would only work properly if you have SSH key authentication set up. Otherwise, you’d have to enter the remote machine’s password.
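ssh-keyscan records whatever key answers on the network, so appending its output unchecked offers no protection if that first connection is intercepted. The script below is an added example, not code from the original article: it appends a scanned key only when it matches a key obtained out of band, and the function names and the sample key are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in the shape of ssh-keyscan output (not a real host key).
SAMPLE_SCAN='# 192.168.1.162:22 SSH-2.0-OpenSSH_9.6
192.168.1.162 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleConstructedKeyNotARealHostKey0000000000'
# Constructed pin: "type blob" copied out of band, e.g. from the server console.
SAMPLE_PINNED='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleConstructedKeyNotARealHostKey0000000000'

# add_verified_key SCAN_TEXT PINNED_KEY KNOWN_HOSTS_FILE
# Returns 0 if the key is trusted (appended or already recorded),
#         1 if no scanned key equals the pin (nothing is written).
add_verified_key() {
    scan=$1 pinned=$2 kh=$3
    # Ignore comment lines; keep the first line whose "type blob" equals the pin.
    # Works for plain and hashed (-H) host fields, since only fields 2-3 are compared.
    match=$(printf '%s\n' "$scan" | awk -v pin="$pinned" \
        '!/^#/ && ($2 " " $3) == pin { print; exit }')
    if [ -z "$match" ]; then
        echo "scanned host key does not match the pinned key; not adding" >&2
        return 1
    fi
    # Do not append the same line twice when the script is re-run.
    if [ -f "$kh" ] && grep -qxF -- "$match" "$kh"; then
        return 0
    fi
    printf '%s\n' "$match" >> "$kh"
}

# scan_and_add HOST PINNED_KEY [KNOWN_HOSTS_FILE]
# Networked wrapper: scan the host, then trust the key only if it matches the pin.
scan_and_add() {
    host=$1 pinned=$2 kh=${3:-$HOME/.ssh/known_hosts}
    scan=$(ssh-keyscan "$host" 2>/dev/null) || return 1
    add_verified_key "$scan" "$pinned" "$kh"
}
```

In the uptime script, call scan_and_add with "$1" and the pinned key before the ssh line, and skip the host if it returns non-zero.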

The simple things

Sometimes, it’s the simple things that trip up our bash scripts. If that key fingerprint issue has been causing you headaches with your scripts, you can now avoid the problem.