SSH by default requires Host Key to be verified when connecting the first time to a new remote server. On the PacketFence system you need to have both root and pf users connect to the network devices and accept the host key. This manual process is tedious especially on large networks.
You can configure SSH to skip the Host Key check on new connections but you must understand the risks of doing so.
Quickly, by not verifying the host key by hand on first connections you are becoming susceptible to man-in-the-middle attacks on the first connection. Host Key checking will be performed after that first connection.
Now that you’ve decided that you prefer the convenience and weighted the risks, here are the instructions to disable strict host key checking for the network devices management:
Assuming that your network devices’ IP are all in the 10.0.0.* range, these commands will do the trick:
echo -e "Host 10.0.0.*\nStrictHostKeyChecking no" >> ~pf/.ssh/config
echo -e "Host 10.0.0.*\nStrictHostKeyChecking no" >> ~root/.ssh/config
If the .ssh/ doesn’t exist, create it.
Hopefully this saved you enough time to hit the pub earlier today!