Dynamic Uno: Support strict host key checking #78
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
krallin
force-pushed
the
dynamic-uno-host-keys
branch
from
494887a
to
c1645fb
Compare
krallin
added a commit
to krallin/aptible-cli
that referenced
this pull request
Dec 14, 2016
This needs to be updated to aptible/aptible-api-ruby#78 before merging
| '-o', 'IdentitiesOnly=yes', | ||
| '-o', "UserKnownHostsFile=#{known_hosts_file}", | ||
| '-o', 'StrictHostKeyChecking=yes', | ||
| '-o', 'UpdateHostKeys=no' |
There was a problem hiding this comment.
I don't believe this is an issue at all, given our planned deprecation of gem install aptible-cli (i.e., outside a Toolbelt context), but just fwiw UpdateHostKeys does not appear to be supported on what I believe is the default SSH client shipping w/ OS X 10.10 Yosemite (albeit a 5 year old version):
$ ssh -V
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
$ ssh -o UpdateHostKeys=no host
command-line: line 0: Bad configuration option: UpdateHostKeys
There was a problem hiding this comment.
Good catch; thanks @fancyremarker! I've removed that option, since it wasn't really required and there's no reason to unconditionally break the SSH bits of the CLI on older platforms just for the sake of it 😄
fancyremarker
approved these changes
Dec 15, 2016
krallin
force-pushed
the
dynamic-uno-host-keys
branch
from
c1645fb
to
3f8b564
Compare
This adds support for enabling strict host key checking. This requires API to expose a Stack relation on Accounts and, and requires the Stack to provide a RSA host key.
krallin
force-pushed
the
dynamic-uno-host-keys
branch
from
3f8b564
to
f87daaa
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds support for enabling strict host key checking. This requires
API to expose a Stack relation on Accounts and, and requires the Stack
to provide a RSA host key.
cc @fancyremarker @blakepettersson