On pe, 15 kesä 2018, Chris Herdt via FreeIPA-users wrote:
FreeIPA (via sssd) adds the following to my /etc/ssh/ssh_config:
GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts
PubkeyAuthentication yes
ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h
If I understand correctly, that means that `/etc/ssh/ssh_known_hosts` will
not be referenced, correct?
According to the ssh_config man page,
GlobalKnownHostsFile accepts
multiple files separated by a whitespace. So you can add
/etc/ssh/ssh_known_hosts to that list.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland