The SSH Who Cried Wolf

Disclaimer: This article lowers the security of your SSH client connection and leaves you vulnerable to man in the middle attacks. For that I take no responsibility. If you follow the steps below you do so at your own risk.

TLDR

Add the following to your ~/.ssh/config file to make SSH shut up:

Wolf! Wolf! The wolf is performing a MITM attack!

Have you ever seen this message when attempting to SSH somewhere?

In theory I should investigate if there is indeed a MITM attack. In practice I get this message so often so I don’t care. It can happen without a MITM attack for a number of reasons. If you reinstall the machine behind the IP, swap the machine behind the IP, or simply have dynamically assigned IPs that vary over time.

Because of this we have a cry wolf issue where the message can’t be taken seriously and rather just annoy in day to day work. Bundled with the glorious cry wolf feature we also have these messages:

So let’s find a way to make it shut up.

Nobody believes a liar … even when he is telling the truth!

The salvation can be had by adding four lines to the ~/.ssh/config file. If that file does not exist you may create it manually like this:

Then add the following four lines in there:

  • Host *” means that we are changing configuration for all hosts and not a specific few.
  • “StrictHostKeyChecking no” will allow us to connect hosts whose host key has changed.
  • “UserKnownHostsFile” /dev/null ensures we never store any known hosts and their keys.
  • “LogLevel ERROR” supresses the now reduntant known host warning messages

Sources

By |2018-02-02T15:11:14+00:00February 2nd, 2018|Uncategorized|0 Comments

Leave A Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.