Find a way to skip host key check for the "starcluster sshmaster mycluster" command

[ogrisel]

Most of the time the EC2 host for the master node is newly provisioned, hence we get an annoying message such as the following:

The authenticity of host 'ec2-23-22-250-167.compute-1.amazonaws.com (23.22.250.167)' can't be established.
RSA key fingerprint is da:d7:79:fa:ee:df:49:9c:ca:43:55:45:26:04:54:6c.
Are you sure you want to continue connecting (yes/no)? yes

There should be a way to tell paramiko to ignore the host check.

[jtriley]

This isn't from paramiko, it's from the native SSH client. StarCluster uses the native client before the more limited pure-Python/paramiko shell (the paramiko shell is mostly used on Windows). With that said it's generally a bad idea to ignore host key checks. The proper solution is to build and use a separate known_hosts file (e.g ~/.starcluster/known_hosts) that is only populated after the host key fingerprint can be fetched from a given instance's console output (fetched via the EC2 API). I will work on a fix for this after next release. It's somewhat complicated given that it can take up to 5 min before an instance's console output is available via the EC2 API, however, this is the proper fix IMO.

[ogrisel]

That sounds good, thanks.

[gungorbudak]

Wondering if the following approach would work in StarCluster for this issue:
http://superuser.com/a/269272

[golharam]

Bumping this...would like to see it implemented...