Even if you are using some kind of prebaked images to deploy, you should be generating individual keys using the SSH PKI features per machine as part of your individual host configurations.
This allows you to verify hosts while having never seen their keys. Just totally shutting off verification is a horrible idea.
the_mitsuhiko|10 years ago
Not really. This is for deploy systems which deploy to a trusted environment (for instance through VPN, network security etc.).
throwaway2048|10 years ago
This allows you to verify hosts while having never seen their keys. Just totally shutting off verification is a horrible idea.