search

clue / reactphp-ssh-proxy

Async SSH proxy connector and forwarder, tunnel any TCP/IP-based protocol through an SSH server, built on top of ReactPHP.
https://clue.engineering/2018/introducing-reactphp-ssh-proxy
MIT License
21 stars 7 forks source link

Add option to accept new fingerprint #3

Open clue opened 5 years ago

clue commented 5 years ago

Right now, this project will complain when you're connecting to a server for the first time and you have not already accepted have its fingerprint. You may simply connect on the command line with ssh user@example.com and accept this initial fingerprint (TOFU: trust on first use).

We should add an option to pass an explicit fingerprint to this library so that one no longer has to connect to a server on the command line before being able to use this library.

clue commented 11 months ago

See also the provisional ssh URI scheme definition in https://www.iana.org/assignments/uri-schemes/prov/ssh:

ssh://[<user>[;fingerprint=<host-key fingerprint>]@]<host>[:<port>]

See also expired draft https://datatracker.ietf.org/doc/draft-salowey-secsh-uri/ & https://www.ietf.org/archive/id/draft-salowey-secsh-uri-00.html