Post by Dominic Curran
Hi
I have found Paramiko to be an excellent library, very useful. Thanks.
I use it in an environment where OS's are frequently reinstalled (thus
renewing their SSH keys).
Thus when I connect using Paramiko I get frequent
'AuthenticationExceptions'.
i.e. the key in .ssh/known_hosts is no longer valid.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
cf:70:9a:24:9b:80:cf:2c:0f:0e:f1:31:a0:e8:35:6d.
Please contact your system administrator.
Add correct host key in /home/user/.ssh/known_hosts to get rid of this
message.
Offending key in /home/user/.ssh/known_hosts:42
RSA host key for knockout has changed and you have requested strict
checking.
Host key verification failed.
Is there anyway in Paramiko to deal with this automatically ?
i.e. get ride of the old key and accept the new ?
ssh = paramiko.SSHClient()
ssh.load_system_host_keys()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy)
ssh.connect(host, username=user, password=PWD, timeout=5,
look_for_keys=0)
stdin, stdout, stderr = ssh.exec_command(cmd)
var = stdout.readlines()
ssh.close()
Thanks
dom
_______________________________________________
paramiko mailing list
http://www.lag.net/cgi-bin/mailman/listinfo/paramiko

Post by Dominic Curran
Hi
I have found Paramiko to be an excellent library, very useful. Thanks.
I use it in an environment where OS's are frequently reinstalled (thus
renewing their SSH keys).
Thus when I connect using Paramiko I get frequent 'AuthenticationExceptions'.
i.e. the key in .ssh/known_hosts is no longer valid.