Jump to navigation Jump to search
CheckHostIP If this flag is set to yes, ssh(1) will additionally check the host IP address in the known_hosts file. This allows ssh to detect if a host key changed due to DNS spoofing. If the option is set to no, the check will not be executed. The default is yes until OpenSSH 8.5 (2021)
ssh 8.5 disable
CheckHostIP by default.