Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Add new flag --ssh-hostkey-algos #711

Merged
merged 1 commit into from
May 10, 2022
Merged

Conversation

pjbgf
Copy link
Member

@pjbgf pjbgf commented May 6, 2022

The new flag allow users to set the list of hostkey algorithms to use for ssh connections, enabling them to ensure specific are/aren't used.

Fixes #397

@pjbgf pjbgf added the area/git Git related issues and pull requests label May 6, 2022
@pjbgf pjbgf added this to the GA milestone May 6, 2022
@pjbgf pjbgf force-pushed the add-hostkey-flag branch from 863ac0a to 2e9f2a7 Compare May 9, 2022 14:26
@pjbgf pjbgf marked this pull request as ready for review May 9, 2022 14:28
@pjbgf pjbgf requested a review from aryan9600 May 9, 2022 14:50
@@ -124,8 +123,10 @@ func main() {
"The TTL of an index in the cache. Valid time units are ns, us (or µs), ms, s, m, h.")
flag.StringVar(&helmCachePurgeInterval, "helm-cache-purge-interval", "1m",
"The interval at which the cache is purged. Valid time units are ns, us (or µs), ms, s, m, h.")
flag.StringSliceVar(&kexAlgos, "ssh-kex-algos", []string{},
flag.StringSliceVar(&git.KexAlgos, "ssh-kex-algos", []string{},
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Although is technically alright, I wonder if it'd be better to have all the flag vars organized in the same place. This is honestly very trivial, so if you feel like your current change is fine, it's okay by me.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That was the one thing I wasn't too sure about as well. The motivation for taking this approach was that both vars are not used within main.go, so I did not see much benefit for declaring them there - specially considering that in the feature we may add another one/two similar flags (i.e. --ssh-macs and --ssh-ciphers).

But I am happy to declare the vars within main.go if anyone feels strongly about it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We really need to get these flags into docs, like we do for the Flux CLI with https://github.com/fluxcd/flux2/blob/main/cmd/flux/docgen.go

The more flags we add, the harder it gets for users to comprehend Flux global config.

The new flag allow users to set the list of hostkey algorithms
to use for ssh connections, enabling them to ensure specific
are/aren't used.

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
@pjbgf pjbgf force-pushed the add-hostkey-flag branch from 2e9f2a7 to 9fddf69 Compare May 9, 2022 15:29
Copy link
Member

@stefanprodan stefanprodan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
area/git Git related issues and pull requests
Projects
Status: Done
Development

Successfully merging this pull request may close these issues.

libgit2: does not always seem to agree on host key while known_hosts is valid
3 participants