rancher
/
fleet-docs
mirror of https://github.com/rancher/fleet-docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix warnings about strict host key checks 

This rephrases misleading warnings about known hosts, removing them
entirely for versions where the default behaviour is secure.
This commit is contained in:
Corentin Néau 2025-09-10 12:50:52 +02:00
parent 3f319bd63d
commit 8013c78a96
No known key found for this signature in database
GPG Key ID: 4E10825BFE040608
5 changed files with 3 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/gitrepo-add.md
View File

@ -88,14 +88,6 @@ The key has to be in PEM format.
### Known hosts ### Known hosts
:::warning
If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (`ssh -o
stricthostkeychecking=yes` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to
`false`.
:::
Fleet supports injecting `known_hosts` into an SSH secret. Here is an example of how to add it: Fleet supports injecting `known_hosts` into an SSH secret. Here is an example of how to add it:
Fetch the public key hash (taking Github as an example) Fetch the public key hash (taking Github as an example)

2
versioned_docs/version-0.10/gitrepo-add.md
View File

@ -85,7 +85,7 @@ The key has to be in PEM format.
:::warning :::warning
If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (`ssh -o If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (`ssh -o
stricthostkeychecking=yes` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to stricthostkeychecking=no` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to
`false`. `false`.
::: :::

2
versioned_docs/version-0.11/gitrepo-add.md
View File

@ -85,7 +85,7 @@ The key has to be in PEM format.
:::warning :::warning
If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (`ssh -o If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (`ssh -o
stricthostkeychecking=yes` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to stricthostkeychecking=no` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to
`false`. `false`.
::: :::

2
versioned_docs/version-0.12/gitrepo-add.md
View File

@ -86,7 +86,7 @@ The key has to be in PEM format.
:::warning :::warning
If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (`ssh -o If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (`ssh -o
stricthostkeychecking=yes` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to stricthostkeychecking=no` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to
`false`. `false`.
::: :::

8
versioned_docs/version-0.13/gitrepo-add.md
View File

@ -83,14 +83,6 @@ The key has to be in PEM format.
### Known hosts ### Known hosts
:::warning
If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (`ssh -o
stricthostkeychecking=yes` will be used), unless you install Fleet with chart value `insecureSkipHostKeyChecks` set to
`false`.
:::
Fleet supports injecting `known_hosts` into an SSH secret. Here is an example of how to add it: Fleet supports injecting `known_hosts` into an SSH secret. Here is an example of how to add it:
Fetch the public key hash (taking Github as an example) Fetch the public key hash (taking Github as an example)