Login/Register
How to disable ssh strict host checking on Windows 10?
Asked Answered
windowssshcommand-line
O

5

5

My PC is Windows 10 Pro, 22H2

In my closed work environment, I SSH from Windows command line into many devices that all have the same IP (one at a time, not concurrently on my network at the same time). I'm running an automated test script and I constantly have trouble scripting something when this warning gets thrown up during the login to a new device that I'm testing.

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:{hash}
Please contact your system administrator.
Add correct host key in C:\\Users\\myusername/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in C:\\Users\\myusername/.ssh/known_hosts:3
ECDSA host key for 192.168.1.5 has changed and you have requested strict checking.
Host key verification failed.

I'm using password-based login to these devices.

I made C:\Users\myusername\config with contents:

Host *
    StrictHostKeyChecking no

But this didn't stop the warning from happening and blocking the attempt. So far the only solution I have is to constantly delete the C:\Users\myusername\known_hosts file. Is there any way to get Windows to ignore strict checking?

Outermost answered 1/2, 2023 at 17:56 Comment(0)
A
5

Setting StrictHostKeyChecking no also doesn't work for me. I am using this instead:

Set your config file at %UserProfile%\.ssh\config to

Host *
    UserKnownHostsFile=/dev/null

This will always delete the known_hosts file so the warning will never happen.

Authenticate answered 30/8, 2023 at 13:49 Comment(1)
This didn't solve it for me. There was no config file in that directory and when I added it, it had no effect. Update: adding -o StrictHostKeyChecking=no to my ssh command solved it.Patronage
F
1

in windows 10, the path for the file is: %UserProfile%\.ssh\config

Fillagree answered 16/5, 2023 at 11:10 Comment(0)
O
0

I figured out a decent way to handle this. I can delete the IP address from the known_hosts file and login by concatenating two commands like this:

ssh-keygen -R 192.168.1.5 && ssh -o StrictHostkeyChecking=no [email protected]
Outermost answered 11/4, 2024 at 23:32 Comment(0)
N
0

in windows 10, remove the path for the file:

%UserProfile%\.ssh\known_hosts

Then it will generate a new file next time.

Nopar answered 4/6, 2024 at 2:6 Comment(0)
C
0

Put

Host *
   StrictHostKeyChecking no
   UserKnownHostsFile=/dev/null

Into %UserProfile%\.ssh\config

Continuate answered 26/8, 2024 at 11:49 Comment(0)

© 2022 - 2025 — McMap. All rights reserved.