I am testing ssh 1.2.26 on a couple of SGI
IRIX systems; eventually our site plans to use
ssh on all platforms, and disable rsh, rlogin, etc.
Because of a large diverse user community we are
anxious to keep the migration to ssh as trans-
parent as possible. (Links will allow users to
still use rsh, rlogin, etc.)
The problem that I can't get around is the query
from slogin whenever an unknown host is encountered.
This query will cause batch jobs (or 'at' jobs) to fail,
and confuse interactive users who are unfamiliar with
ssh. Of course, we can maintain an /etc/ssh_known_hosts
file which will cut down on the queries.
But what I have found with my testing, is that every
possible designation for a host must be listed before
that hosts public key. Because many platforms with
multiple designations will eventually use ssh, this
will become a big ugly job fast. The SGI administrator
was thinking that this could be simplified if ssh made
a system call to just convert any system alias to the
corresponding IP address, and then ssh could verify
that a certain host was known to the client system by
IP address. For our site, maintainning just a list
of IP addresses (and corresponding keys) would
simplify the list of entries in /etc/ssh_known_hosts.
Is there any such option in the configurating of ssh?
Or is there any slick way around this problem?
Thanks for any suggestions.
Mary McCann
=====================================================
Mary McCann Vmail: (301) 572-8901 mbox 5330
Email: [EMAIL PROTECTED]
=====================================================
