Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Prevent asking to add to known_hosts #13

Closed
buismaarten opened this issue Feb 5, 2020 · 4 comments · Fixed by #16
Closed

Prevent asking to add to known_hosts #13

buismaarten opened this issue Feb 5, 2020 · 4 comments · Fixed by #16
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed

Comments

@buismaarten
Copy link

Hi there,

The SSH command only connects when the host is added to the local known_hosts file. When I connect to a server for the first time it will not work.

When I use the following options with the command it will work.

-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null

References:

@freekmurze freekmurze added enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed labels Feb 5, 2020
@freekmurze
Copy link
Member

I'd accept a PR that adds this to the package. By default it should add this. There should be a new method called EnableStrictHostKeyChecking to turn on the behaviour. The tests + readme should be updated.

@hyperized
Copy link

hyperized commented Feb 6, 2020

@freekmurze this is horrible. This key thing is done by design. The proper way to use keychecking is to let SSH know ahead of time which host keys you will be willing to accept with:

https://man.openbsd.org/ssh-keyscan.1
https://linux.die.net/man/1/ssh-keyscan
I can image a scenario in which the UserKnownHostsFile is simply a temp file per session. The only thing the package needs is to know the ip or hostname of the target server (which it knows :)).

I will create a PR for this in a little bit.

@freekmurze
Copy link
Member

Thinking about it some more, I agree, and we should change this behaviour.

@freekmurze
Copy link
Member

We'll continue this in #17

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants