[libvirt] [tck PATCH v2 11/15] scripts: disable known hosts file

Despite having StrictHostKeyChecking=no, SSH still complains about the host key mismatch and disables password auth as a result. Using /dev/null as the known_hosts file ensures the keys are never saved to the user's profile. Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; --- scripts/nwfilter/210-no-mac-spoofing.t | 3 ++- scripts/nwfilter/220-no-ip-spoofing.t | 3 ++- scripts/nwfilter/230-no-mac-broadcast.t | 3 ++- scripts/nwfilter/240-no-arp-spoofing.t | 3 ++- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/scripts/nwfilter/210-no-mac-spoofing.t b/scripts/nwfilter/210-no-mac-spoofing.t index 99c5058..95b1499 100644 --- a/scripts/nwfilter/210-no-mac-spoofing.t +++ b/scripts/nwfilter/210-no-mac-spoofing.t @@ -97,7 +97,8 @@ diag "ssh'ing into $guestip"; my $ssh = Net::OpenSSH->new($guestip, user => "root", password => $tck->root_password(), - master_opts => [-o => "StrictHostKeyChecking=no"]); + master_opts => [-o => "UserKnownHostsFile=/dev/null", + -o => "StrictHostKeyChecking=off"]); # now bring eth0 down, change MAC and bring it up again diag "fiddling with mac"; diff --git a/scripts/nwfilter/220-no-ip-spoofing.t b/scripts/nwfilter/220-no-ip-spoofing.t index 85c4807..a1da6eb 100644 --- a/scripts/nwfilter/220-no-ip-spoofing.t +++ b/scripts/nwfilter/220-no-ip-spoofing.t @@ -91,7 +91,8 @@ diag "ssh'ing into $guestip"; my $ssh = Net::OpenSSH->new($guestip, user => "root", password => $tck->root_password(), - master_opts => [-o => "StrictHostKeyChecking=no"]); + master_opts => [-o => "UserKnownHostsFile=/dev/null", + -o => "StrictHostKeyChecking=no"]); # now bring eth0 down, change IP and bring it up again diag "preparing ip spoof"; diff --git a/scripts/nwfilter/230-no-mac-broadcast.t b/scripts/nwfilter/230-no-mac-broadcast.t index b65b3fc..4254e7c 100644 --- a/scripts/nwfilter/230-no-mac-broadcast.t +++ b/scripts/nwfilter/230-no-mac-broadcast.t @@ -119,7 +119,8 @@ diag "ssh'ing into $guestip"; my $ssh = Net::OpenSSH->new($guestip, user => "root", password => $tck->root_password(), - master_opts => [-o => "StrictHostKeyChecking=no"]); + master_opts => [-o => "UserKnownHostsFile=/dev/null", + -o => "StrictHostKeyChecking=no"]); # now generate a mac broadcast paket diag "generate mac broadcast"; diff --git a/scripts/nwfilter/240-no-arp-spoofing.t b/scripts/nwfilter/240-no-arp-spoofing.t index 69851b6..882a385 100644 --- a/scripts/nwfilter/240-no-arp-spoofing.t +++ b/scripts/nwfilter/240-no-arp-spoofing.t @@ -100,7 +100,8 @@ diag "ssh'ing into $guestip"; my $ssh = Net::OpenSSH->new($guestip, user => "root", password => $tck->root_password(), - master_opts => [-o => "StrictHostKeyChecking=no"]); + master_opts => [-o => "UserKnownHostsFile=/dev/null", + -o => "StrictHostKeyChecking=no"]); # now generate a arp spoofing packets diag "generate arpspoof script"; -- 2.17.0