We are trying to configure SSH on Unix System Services. We have a file called /.ssh/known_hosts.
This file has public key entries for remote servers.
Currently, the /.ssh/known_hosts file resides in the same mount file as the root, and the root is mounted in RO mode.
Since it is mounted in RO mode, we cannot add any more entries to the file. We are hesitant to make the root RW just for editing /.ssh/known_hosts each time.
Is it possible to make SSH look for known_hosts in some other directory location and not /.ssh/known_hosts?
The manual talks about having /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts files, so you should be able to update /etc/ssh/ssh_known_hosts, since /etc is generally on its own mount point and definitely RW.
You are correct that /etc/ is RW and it has the ssh_known_hosts file.
But when I try to connect from the mainframe to a remote server interactively, I get the error below.
The authenticity of host 'host server' can't be established.
RSA key fingerprint is xx:xx:xx.
Are you sure you want to continue connecting (yes/no)? yes
FOTS2190 Failed to add the host to the list of known hosts (/.ssh/known_hosts).
My colleague suggested that I can try to create a mount point on /.ssh and make it RW. I am planning on copying the contents of /.ssh/ to a temporary directory. Then mount a file to the path and copy the files from temp to the new directory.
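OpenSSH checks the system-wide known-hosts file before it prompts, so a host already listed there under the name and address used to connect produces no prompt and no write to the per-user file. The following is an added example, not code from any poster in this thread: a shell function that appends a host key to that file only when the scanned key matches a copy obtained out of band from the remote server's administrator. The function name, file names and key blob are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Function name, paths and the key
# blob are constructed; get the reference key from the server's admin.

# add_verified_hostkey SCAN REF NAMES TARGET
#   SCAN   lines "host keytype base64", e.g. saved `ssh-keyscan` output
#   REF    the server's public key file: "keytype base64 [comment]"
#   NAMES  comma-separated host names/addresses for the new entry
#   TARGET known-hosts file to append to, e.g. /etc/ssh/ssh_known_hosts
# Returns 0 if the entry was added or already present, 1 if the scanned
# key does not match the reference, 2 on bad arguments or unreadable input.
add_verified_hostkey() {
    scan=$1; ref=$2; names=$3; target=$4
    [ -r "$scan" ] && [ -r "$ref" ] && [ -n "$names" ] && [ -n "$target" ] || return 2

    # Reference key as "keytype base64", ignoring comments and blank lines.
    want=$(awk '$1 !~ /^#/ && NF >= 2 { print $1, $2; exit }' "$ref")
    [ -n "$want" ] || return 2

    # The scan must contain that key; a scan offering only other keys
    # is treated as a mismatch and nothing is written.
    awk -v w="$want" '$1 !~ /^#/ && ($2 " " $3) == w { ok = 1 }
                      END { exit !ok }' "$scan" || return 1

    entry="$names $want"
    # Do not append the same line twice.
    if [ -f "$target" ] && grep -qxF -- "$entry" "$target"; then
        return 0
    fi
    printf '%s\n' "$entry" >> "$target"
}

# Demo on constructed data written to a scratch directory.
demo=$(mktemp -d)
printf 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTEDKEY admin@remote\n' > "$demo/remote.pub"
printf '# remote.example.com:22 SSH-2.0-OpenSSH\nremote.example.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABCONSTRUCTEDKEY\n' > "$demo/scan.out"
add_verified_hostkey "$demo/scan.out" "$demo/remote.pub" \
    remote.example.com,192.0.2.10 "$demo/ssh_known_hosts" &&
    cat "$demo/ssh_known_hosts"
rm -rf "$demo"
```

On the system discussed here the target would be /etc/ssh/ssh_known_hosts, which the thread describes as being on a read-write mount.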