rancher
/
fleet-docs
mirror of https://github.com/rancher/fleet-docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix warnings about strict host key checks (#327) 

This rephrases misleading warnings about known hosts, removing them
entirely for versions where the default behaviour is secure.
This commit is contained in:
Corentin Néau 2025-09-12 10:41:59 +02:00 committed by GitHub
parent 4e3c865656
commit 7bbd3247bf
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 3 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/gitrepo-add.md
View File

@ -88,14 +88,6 @@ The key has to be in PEM format.
### Known hosts
:::warning
If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (`ssh -o
stricthostkeychecking=yes` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to
`false`.
:::
Fleet supports injecting `known_hosts` into an SSH secret. Here is an example of how to add it:
Fetch the public key hash (taking Github as an example)

2
versioned_docs/version-0.10/gitrepo-add.md
View File

@ -85,7 +85,7 @@ The key has to be in PEM format.
:::warning
If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (`ssh -o
stricthostkeychecking=yes` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to
stricthostkeychecking=no` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to
`false`.
:::

2
versioned_docs/version-0.11/gitrepo-add.md
View File

@ -85,7 +85,7 @@ The key has to be in PEM format.
:::warning
If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (`ssh -o
stricthostkeychecking=yes` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to
stricthostkeychecking=no` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to
`false`.
:::

2
versioned_docs/version-0.12/gitrepo-add.md
View File

@ -86,7 +86,7 @@ The key has to be in PEM format.
:::warning
If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (`ssh -o
stricthostkeychecking=yes` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to
stricthostkeychecking=no` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to
`false`.
:::

8
versioned_docs/version-0.13/gitrepo-add.md
View File

@ -83,14 +83,6 @@ The key has to be in PEM format.
### Known hosts
:::warning
If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (`ssh -o
stricthostkeychecking=yes` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to
`false`.
:::
Fleet supports injecting `known_hosts` into an SSH secret. Here is an example of how to add it:
Fetch the public key hash (taking Github as an example)