From 4a5f6419380f8a2af5618d1966d04bd34c49f111 Mon Sep 17 00:00:00 2001 From: Sean Buckley Date: Fri, 7 Jul 2023 14:58:58 -0400 Subject: [PATCH] remove strict host key checking requirement --- lib/gen-ssh-config.nix | 1 - pkgs/deploy/deploy.py | 7 ------- 2 files changed, 8 deletions(-) diff --git a/lib/gen-ssh-config.nix b/lib/gen-ssh-config.nix index a60ee08..abb4b6f 100644 --- a/lib/gen-ssh-config.nix +++ b/lib/gen-ssh-config.nix @@ -15,7 +15,6 @@ let in builtins.toFile "ssh-config" ('' - StrictHostKeyChecking yes GlobalKnownHostsFile ${sshKnownHostsTxt} '' + lib.concatMapStrings diff --git a/pkgs/deploy/deploy.py b/pkgs/deploy/deploy.py index 6d3de45..72e0dda 100755 --- a/pkgs/deploy/deploy.py +++ b/pkgs/deploy/deploy.py @@ -7,12 +7,6 @@ from subprocess import run, PIPE, STDOUT from sys import argv -def strict_host_key_checking(): - txt = run(["ssh", "-G", "localhost"], stdout=PIPE).stdout - if "stricthostkeychecking true" not in txt.decode("utf8").splitlines(): - raise RuntimeError("This script requires StrictHostKeyChecking") - - def get_deployment(): return loads( run( @@ -183,7 +177,6 @@ def main(): icon_bad = "\u274c" icon_good = "\u2705" -strict_host_key_checking() depl = get_deployment() tags = set(sum([depl[name]["tags"] for name in depl], [])) if __name__ == "__main__":