From d74fbab6e236091864aa8c02377057c9d5e29ea6 Mon Sep 17 00:00:00 2001 From: Jordan Banasik Date: Wed, 20 Dec 2023 11:50:31 -0800 Subject: [PATCH] Add known hosts header, move warning This change adds a tertiary header for the `Known hosts` section and moves the warning to the top to emphasize the importance of adding known hosts. --- docs/gitrepo-add.md | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/docs/gitrepo-add.md b/docs/gitrepo-add.md index 049999b4b..4da54b164 100644 --- a/docs/gitrepo-add.md +++ b/docs/gitrepo-add.md @@ -52,6 +52,14 @@ The key has to be in PEM format. ::: +### Known hosts + +:::warning + +If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (`ssh -o stricthostkeychecking=accept-new` will be used) + +::: + Fleet supports putting `known_hosts` into ssh secret. Here is an example of how to add it: Fetch the public key hash(take github as an example) @@ -74,12 +82,6 @@ stringData: |1|YJr1VZoi6dM0oE+zkM0do3Z04TQ=|7MclCn1fLROZG+BgR4m1r8TLwWc= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== ``` -:::warning - -If you don't add one or more public keys into the secret, any server's public key will be trusted and added. (`ssh -o stricthostkeychecking=accept-new` will be used) - -::: - :::info If you are using openssh format for the private key and you are creating it in the UI, make sure a carriage return is appended in the end of the private key.