I am using openssh 3.4p1 on SuSE Linux 8.1 to try to connect to
openssh 3.9p1 on a couple of SuSE Linux 9.2 boxes. The two SuSE 9.2
boxes are part of a high availability setup so they each have their own
ip address and host name. At any given moment one of them has another
ip and host name depending on which one is active at the moment. I need
to be able to connect to whoever has the third ip and host name from the
8.1 box and run scripts on it.
I set up public key authentication and got it working so that a
command like this worked from the 8.1 box and ran the mkhome.sh script
on the first 9.2 box.
ssh -o PreferredAuthentications=publickey -o sharedhostname
"/local/sbin/mkhome.sh"
Then I failed the shared host name and ip over to the second 9.2 box
and tried again. It gave the error,
"
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
e5:ad:78:1d:bf:0a:27:b6:5a:84:07:ff:76:b6:7a:34.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:7
Password authentication is disabled to avoid man-in-the-middle attacks.
Permission denied (publickey,keyboard-interactive).
"
So I edited the ssh_config file on the client (8.1 box) and set
StrictHostKeyChecking=no. Then I ran
ssh -o PreferredAuthentications=publickey -o StrictHostKeyChecking=no
sharedhostname "/local/sbin/mkhome.sh"
but got the same result.
Is there any way to get this command to work regardless of which
host happens to have the shared ip and hostname at the moment?
Thanks,
Jason Joines
=================================
