fezzik icon indicating copy to clipboard operation
fezzik copied to clipboard
verified publisher icon dmac

Optionally add unknown ssh hosts to known_hosts file

Open philc opened this issue 14 years ago • 1 comments

If you've never ssh'd into a host before and you begin deploying with fezzik to that host, you will get a confirmation message asking you to add it to the list of known hosts. Since fezzik isn't accepting keyboard input, the deploy hangs there.

Here's a reference for implementing workaround: http://www.sharms.org/blog/2009/01/mass-adding-hosts-to-ssh-known_hosts-file/

One thing that's unclear about this addition is how "optionally" should be implemented in fezzik. Maybe an "add hosts to deploy target" global option in deploy.rb?

philc avatar Aug 11 '11 07:08 philc

A much simpler (though less secure) way to do this is to tack on -oStrictHostKeyChecking=no to the ssh connection. This will cause ssh to automatically add new hosts.

Unfortunately, it will also ignore changed host keys, so intercepting traffic becomes much easier. You do still get the giant WARNING, and "Password authentication is disabled to avoid man-in-the-middle attacks."

edanaher avatar Aug 16 '11 22:08 edanaher