Perl SSH connection Error on Net::OpenSSH Module

Question

I am ssh'ing to the server using perl Net::OpenSSH module.

My code is below:

my ($host, $user, $passwd) = ("my.ip.address.here", "userxyz", "passwordxyz");
my $ssh = Net::OpenSSH->new( $host,
                             user => $user,
                             password => $passwd
);
$ssh->error and die "Couldn't establish SSH connection: ". $ssh->error;

When I run this code I am got following error:

Couldn't establish SSH connection: unable to establish master SSH connection: the authenticity of the target host can't be established; the remote host public key is probably not present in the '~/.ssh/known_hosts' file ......

When I searched solution for the same in perlmonks I found disable StrictHostKeyChecking.

So I modified the code like below and it worked.

$ssh = Net::OpenSSH->new($host,
           master_opts => [-o => "StrictHostKeyChecking=no"],
           ...);

I need suggestions from experts, is it okay to disable StrictHostKeyChecking ?

Answer 1

... is it okay to disable StrictHostKeyChecking

Usually it is not ok and that's why StrictHostKeyChecking is enabled by default. If you disable it then SSH man in the middle attacks are possible. It is only safe to do this if you can otherwise make sure that no such attacks are possible, for example by using a fully trusted network (like connections to the same machine you are on).

The proper way to address this problem is actually kind of written in the error message:

... the remote host public key is probably not present in the '~/.ssh/known_hosts' file

Thus, make sure that the host is already trusted. This can be done by connecting to the host with SSH and check the presented host key against the one you know the host should have. Once accepted it will be put into the known_hosts file.