ssh client global
ssh client global {host-key-check <policy>} | known-host <known-host-entry>}
no ssh client global {host-key-check | known-host localhost}
Configures global SSH client settings.
The no form of the command negates global SSH client settings.
Syntax Description
host-key-check <policy>
known-host
known-host-entry
Default
host-key-check - ask, no keys are configured by default
Modes/Context
Config
History
3.1.0000
Role
admin
Example
switch (config) # ssh client global host-key-check no
switch (config) # ssh client global known-host "72.30.2.2 ssh-rsa
AAAAB3NzaC1yc2EAAAABIwAAAIEArB9i5OnukAHNUOkwpCmEl0m88kJgBzL22+F5tfaSn+S
0pVYxrceZeyuzXsoZ1VtFTk2Fydwy0YvMS0Kcv2PuCrPZV/
GYd31QEnn22rEmrlPrKCrMl1XlUy6DFlr3OgwWm1baobmDlG/gSziWz/
gc4Jgqf2CyXFq4pzaR1jar1Vk="
switch (config) # show ssh client
SSH client Strict Hostkey Checking: ask
SSH Global Known Hosts:
No SSH user identities configured.
No SSH authorized keys configured.
switch (config) #
Sets SSH client configuration to control how host key
checking is performed. This parameter may be set in 3
ways.
•
•
•
Adds an entry to the global known-hosts configuration
file.
Adds/removes an entry to/from the global known-hosts
configuration file. The entry consist of "<IP> <key-
type> <key>".
Entry 1: 72.30.2.2
Finger Print: 1e:b7:8b:ec:ab:35:98:be:6b:d6:12:c2:18:72:12:d6
If set to "no" it always permits connection, and accepts
any new or changed host keys without checking
If set to "ask" it prompts user to accept new host keys, but
does not permit a connection if there was already a known
host entry that does not match the one presented by the
host
If set to "yes" it only permits connection if a matching
host key is already in the known hosts file
Mellanox Technologies
Rev 1.6.2
194