Automate a ssh response

Question

I have a bash script running on a host with IP1. The script does a ssh to a remote host with IP2

ssh ubuntu@IP2 "ls -l ~"

The ssh replies with a 
The authenticity of host 'IP2 (IP2)' can't be established.
ECDSA key fingerprint is SHA256:S9ESYzoNs9dv/i/6T0aqXQoSXHM.
Are you sure you want to continue connecting (yes/no)? 

I want to automate the response "yes" to the above ssh command. How can I do that from the bash script ? IP2 is a random IP so I cannot add it to the known hosts list on host IP1.

Answer 1

If you don't want to verify/check the fingerprint you could use something like:

ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no ubuntu@IP2 "ls -l ~"

This is how it works:

-o UserKnownHostsFile=/dev/null

The UserKnownHostsFile parameter specifies the database file to use for storing the user host keys (default is ~/.ssh/known_hosts).

By configuring the null device file as the host key database, SSH is fooled into thinking that the SSH client has never connected to any SSH server before, and so will never run into a mismatched host key.

-o StrictHostKeyChecking=no

The parameter StrictHostKeyChecking specifies if SSH will automatically add new host keys to the host key database file. By setting it to no, the host key is automatically added, without user confirmation, for all first-time connection.

For more details: How to disable SSH host key checking

Answer 2

Have you tested "StrictHostKeyChecking" option:

ssh -o "StrictHostKeyChecking no" root@10.x.x.x