Bug #51606 for Net-OpenSSH: Provide option for new to ignore host keys

> From: "toddr@null.net via RT" <bug-Net-OpenSSH@rt.cpan.org> > Sent: Tue, November 17, 2009 5:48:03 PM > Subject: [rt.cpan.org #51606] Provide option for new to ignore host keys > > Tue Nov 17 11:48:03 2009: Request 51606 was acted upon. > Transaction: Ticket created by toddr@null.net > Queue: Net-OpenSSH > Subject: Provide option for new to ignore host keys > Broken in: 0.40 > Severity: Normal > Owner: Nobody > Requestors: toddr@null.net > Status: new > Ticket > > > One of the more annoying points of automating ssh connections is the host keys > prompt: > > $>ssh root@$ip > The authenticity of host '$ip ($ip)' can't be established. > RSA key fingerprint is 14:26:11:0e:de:b8:c1:94:60:8e:48:56:e6:19:76:34. > Are you sure you want to continue connecting (yes/no)? > > Thankfully, this can now avoided by passing the following master option to > openssh: > ('-o' => 'StrictHostKeyChecking=no') > > I suggest an option for new called "ignore_host_keys => 1". > People passing this to new will cause Net::OpenSSH to use this master option on > connect. > > Even more aggressively, I'd even suggest defaulting this option and requiring > the user to turn > it off if they don't want this since I believe anyone using this module probably > wants this as > the default behavior on non-interactive logins. However, I suspect there would > be outcry if > you do so. If you can tolerate the complaints, I would encourage it, but it > needs to be well > documented if you do so. > > While everyone could go look this up in openssh documentation and just use it in > new, I > think it would be more readily used if it's in Net::OpenSSH documentation. > > What do you think about this?