Hi
I have found Paramiko to be an excellent library, very useful. Thanks.
One question:
I use it in an environment where OS's are frequently reinstalled (thus
renewing their SSH keys).
Thus when I connect using Paramiko I get frequent
'AuthenticationExceptions'.
i.e. the key in .ssh/known_hosts is no longer valid.
$ ssh r...@knockout
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
cf:70:9a:24:9b:80:cf:2c:0f:0e:f1:31:a0:e8:35:6d.
Please contact your system administrator.
Add correct host key in /home/user/.ssh/known_hosts to get rid of this
message.
Offending key in /home/user/.ssh/known_hosts:42
RSA host key for knockout has changed and you have requested strict
checking.
Host key verification failed.
Is there anyway in Paramiko to deal with this automatically ?
i.e. get ride of the old key and accept the new ?
My code look like this:
ssh = paramiko.SSHClient()
ssh.load_system_host_keys()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy)
ssh.connect(host, username=user, password=PWD, timeout=5,
look_for_keys=0)
stdin, stdout, stderr = ssh.exec_command(cmd)
var = stdout.readlines()
ssh.close()
Thanks
dom
_______________________________________________
paramiko mailing list
paramiko@lag.net
http://www.lag.net/cgi-bin/mailman/listinfo/paramiko
