Skip to content

fix: remove insecure StrictHostKeyChecking from SSH documentation example#3

Merged
aspectrr merged 9 commits into
mainfrom
copilot/sub-pr-2
Jan 2, 2026
Merged

fix: remove insecure StrictHostKeyChecking from SSH documentation example#3
aspectrr merged 9 commits into
mainfrom
copilot/sub-pr-2

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Jan 2, 2026
edited
Loading

Description

Removed -o StrictHostKeyChecking=no from the SSH connection example in the scripts README, which disabled host key verification and allowed trivial man-in-the-middle attacks.

Changes:

  • Removed insecure StrictHostKeyChecking=no option from SSH example command
  • Added fingerprint verification step using ssh-keyscan and ssh-keygen -lf
  • Added "Host Key Management" section documenting three secure approaches:
    1. Pre-distribute known host keys via secure channels
    2. Verify fingerprints manually on first connection
    3. Use ssh-keyscan with out-of-band fingerprint verification
  • Clarified that trusted fingerprints must be obtained through secure channels (VM console logs, control plane API, secure config management)

Before:

ssh -i /tmp/sandbox_key \
    -o CertificateFile=/tmp/sandbox_key-cert.pub \
    -o StrictHostKeyChecking=no \
    sandbox@192.168.122.x

After:

# Verify and accept the host key
ssh-keyscan 192.168.122.x > /tmp/vm_host_key
ssh-keygen -lf /tmp/vm_host_key  # Compare with trusted fingerprint
# Only proceed if fingerprints match!
cat /tmp/vm_host_key >> ~/.ssh/known_hosts

# Connect
ssh -i /tmp/sandbox_key \
    -o CertificateFile=/tmp/sandbox_key-cert.pub \
    sandbox@192.168.122.x

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update
  • Code style update (formatting, renaming)
  • Code refactor (no functional changes)
  • Configuration change
  • Test update

Checklist

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings
  • I have added tests that prove my fix is effective or that my feature works

Release Notes

Fixed security vulnerability in SSH documentation example by removing StrictHostKeyChecking=no and adding proper host key verification guidance.

Labels

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

Copilot AI mentioned this pull request Jan 2, 2026
Merged
14 tasks
@aspectrr aspectrr marked this pull request as ready for review January 2, 2026 17:04
Copilot AI review requested due to automatic review settings January 2, 2026 17:04
Copilot AI reviewed Jan 2, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot wasn't able to review any files in this pull request.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Base automatically changed from aspectrr/sdk-polish to main January 2, 2026 17:05
Copilot AI and others added 4 commits January 2, 2026 17:05
@aspectrr
fix: remove insecure StrictHostKeyChecking from SSH example and add s…
90b7556 
…ecure host key management guidance

Co-authored-by: aspectrr <45578837+aspectrr@users.noreply.github.com>
@aspectrr
fix: add fingerprint verification step to SSH example
a89819f 
Co-authored-by: aspectrr <45578837+aspectrr@users.noreply.github.com>
@aspectrr
docs: clarify secure out-of-band verification for host keys
e629892 
Co-authored-by: aspectrr <45578837+aspectrr@users.noreply.github.com>
@aspectrr
docs: add note about VM console access for secure key export
90fce42 
Co-authored-by: aspectrr <45578837+aspectrr@users.noreply.github.com>
Copilot AI changed the title [WIP] Update sdk prefix and sandbox-init connection based on feedback fix: remove insecure StrictHostKeyChecking from SSH documentation example Jan 2, 2026
Copilot AI requested a review from aspectrr January 2, 2026 17:09
@aspectrr aspectrr merged commit 5e10ee1 into main Jan 2, 2026
1 check passed
@aspectrr aspectrr deleted the copilot/sub-pr-2 branch January 2, 2026 17:11
aspectrr
aspectrr reviewed Jan 2, 2026
View reviewed changes
Copy link
Copy Markdown
Owner

@aspectrr aspectrr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@claude claude Bot mentioned this pull request Jan 11, 2026
Closed
14 tasks
aspectrr added a commit that referenced this pull request Jan 11, 2026
@aspectrr
fix: remove insecure StrictHostKeyChecking from SSH documentation exa…
8eadaec 
…mple (#3)

* feat: fix sdk prefix, add sandbox-init connection

* fix: fix sdk generation check

* fix: fix workflows for sdk

* Initial plan

* fix: remove insecure StrictHostKeyChecking from SSH example and add secure host key management guidance

Co-authored-by: aspectrr <45578837+aspectrr@users.noreply.github.com>

* fix: add fingerprint verification step to SSH example

Co-authored-by: aspectrr <45578837+aspectrr@users.noreply.github.com>

* docs: clarify secure out-of-band verification for host keys

Co-authored-by: aspectrr <45578837+aspectrr@users.noreply.github.com>

* docs: add note about VM console access for secure key export

Co-authored-by: aspectrr <45578837+aspectrr@users.noreply.github.com>

---------

Co-authored-by: aspectrr <collin@steelbrowser.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: aspectrr <45578837+aspectrr@users.noreply.github.com>
Co-authored-by: Collin Pfeifer <collinpfeifer@Icloud.com>
@claude claude Bot mentioned this pull request Feb 10, 2026
Merged
14 tasks
@claude claude Bot mentioned this pull request Feb 18, 2026
Merged
14 tasks
aspectrr added a commit that referenced this pull request Mar 15, 2026
@aspectrr
fix: PR review #3
5ac5c5b
aspectrr added a commit that referenced this pull request Mar 15, 2026
@aspectrr @claude
feat: add fluid connect command and TUI connect wizard (#76)
e5499e4 
* feat: add fluid connect command and TUI connect wizard

- Add `fluid connect <address>` CLI command: tests gRPC connection, runs doctor checks, and saves daemon to config
- Add TUI /connect wizard with multi-step flow (address input, connecting, doctor checks, done)
- Add Cancel() to AgentRunner interface and ESC key support to abort running agent
- Add SetSandboxService() to hot-swap daemon connection after /connect
- Extend readonly prepare/validate/shell in both cli and daemon
- Update web docs: daemon-setup-steps, quickstart-steps, cli-reference

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: use fmt.Fprintf instead of WriteString(fmt.Sprintf(...)) in connect.go

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: replace remaining WriteString(fmt.Sprintf(...)) with fmt.Fprintf in connect.go

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: use go env GOPATH to locate gofumpt in lefthook pre-commit hook

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: add connect command

* fix: replace WriteString(fmt.Sprintf(...)) with fmt.Fprintf in connect.go

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: fix writef

* fix: fix PR review issues

* fix: fix PR review issues 2

* fix: finale PR fixes

* fix: remove unused

* fix: PR review

* fix: PR review #3

* fix: PR review #4

* fix: PR review #5

* feat: pii redaction docs, fixing nitys

* fix: make pii redaction correct with what LLM sees, remove tls cert

* fix: PR nits

* fix: redaction issues and openssl

* fix: move readonly to shared

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
@claude claude Bot mentioned this pull request Apr 7, 2026
Merged
14 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aspectrr aspectrr aspectrr left review comments

Copilot code review Copilot Copilot left review comments

Assignees

@aspectrr aspectrr

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@aspectrr