feature request: Disable host key fingerprints check for sshproxy mode

ContainerSSH / libcontainerssh

Embedded ContainerSSH and webhook helper library

https://containerssh.io/

Apache License 2.0

63 stars 23 forks source link

feature request: Disable host key fingerprints check for sshproxy mode #243

Closed gaocegege closed 2 years ago

gaocegege commented 2 years ago

Please describe what you would like to see in ContainerSSH

sshproxy:
  server: localhost
  port: 22222
  username: envd
  privateKey: /home/gaocegege/.config/envd/id_rsa_envd
  allowedHostKeyFingerprints:
   - SHA256:

The allowedHostKeyFingerprints cannot be empty now. It will be better to add a new config to disable the host key fingerprints check

Please describe your use case

A clear and concise description of how you would use this feature.

ghost commented 2 years ago

@gaocegege why would you not be able to provide the host keys? You can dynamically populate this from your config server.

If we allow disabling host key checks, users will be tempted to do this even when sending connections to a remote server, which is a clear and present weakness and should be avoided.

gaocegege commented 2 years ago

I may dynamically change the ssh remote address in the config server in the sshproxy mode.

But make sense, I agree that it may be over-used.

ghost commented 2 years ago

With a dynamic number of servers, it would be better to use an inventory to provide a list of host keys to the config server (e.g. when provisioning them). If you absolutely can't do that, you can always fetch the host keys from the config server. ssh-keyscan does this, but you can easily do this with any SSH library in Go or Python too.

gaocegege commented 2 years ago

Make sense, I am closing the issue.