Improve SSH known hosts #5

Open
opened 2023-09-06 22:02:44 +00:00 by cyclane · 1 comment
Owner

Currently the inventory does:

          vars:
            ansible_user: debian
            ansible_ssh_private_key_file: ~/.ssh/id_rsa
            ansible_ssh_common_args: -o StrictHostKeyChecking=accept-new # TODO: Improve this

Ideally host key checking should be stricter. Maybe provision keys with cloud-init (custom)?

Currently the inventory does: ```yaml vars: ansible_user: debian ansible_ssh_private_key_file: ~/.ssh/id_rsa ansible_ssh_common_args: -o StrictHostKeyChecking=accept-new # TODO: Improve this ``` Ideally host key checking should be stricter. Maybe provision keys with cloud-init (custom)?
cyclane added the
Kind/Enhancement
Kind/Security
Priority
Medium
Kind/Spike
labels 2023-09-06 22:02:44 +00:00
cyclane added this to the Core project 2023-11-24 17:02:14 +00:00
cyclane added
Priority
Low
and removed
Priority
Medium
labels 2024-01-03 15:32:08 +00:00
Author
Owner

Lowered priority because *.srv.home.local.koval.net is now on the FAST physical network, which only has VMs on it and no public internet access.

Lowered priority because `*.srv.home.local.koval.net` is now on the `FAST` physical network, which only has VMs on it and no public internet access.
Sign in to join this conversation.
No description provided.