In my previous post here I shared how to start an EC2 server and then set DNS for it. So the DNS record for the server changes every time you perform a stop and start on the it.
This brings up an interesting problem. Every time I try to ssh into this server, I get prompted about the authenticity of the host as shown below
$ ssh [email protected]
The authenticity of host 's1.skbali.com (xx.xxx.xxx.xx)' can't be established.
ECDSA key fingerprint is SHA256:wgu7/xxxxxxxxxxxxxxxxxxxxxxxxxxx.
Are you sure you want to continue connecting (yes/no)?
After answering ‘yes’ to the above you will see an entry in your ~/.ssh/known_hosts file
s1.skbali.com,xx.xxx.xxx.xx ecdsa-sha2-nistp256 AAAAE2...........GlzvCys=
and this goes on and on every time you connect to the server after doing a stop and start with new DNS entry.
You can avoid adding new entries to the known_hosts file by specifying
ssh -o 'CheckHostIP=no' [email protected]
In fact, if you delete the known host entry and try the above, the new entry will be of the format
s1.skbali.com ecdsa-sha2-nistp256 AAAAE2...........GlzvCys=
with no ip listed after the server name.
To make login even easier you can login using an alias for your server.
Define the server alias in your ~/.ssh/config file as shown
Host s1
CheckHostIP no
Hostname s1.skbali.com
User user
Now you can login just by entering the server alias
ssh s1
