git-resource icon indicating copy to clipboard operation
git-resource copied to clipboard
verified publisher icon concourse

Enable ssh key verification for hosts

Open pronoiac opened this issue 8 years ago • 2 comments

This is a proactive hardening measure; this is not a reaction to a current issue.

The resource currently doesn't verify the ssh key when it performs git clones - reference. I'd like to be able to enable ssh key verification. The optional parameters I see being useful:

  • enable ssh key verification
  • acceptable keys, whether in fingerprint form or the form found in ~/.ssh/known_hosts or the output of ssh-keyscan

I'd be open to hardcoding the Github keys, though I understand if that seems too much of a special case to you.

pronoiac avatar Mar 31 '17 16:03 pronoiac

Hi there!

We use Pivotal Tracker to provide visibility into what our team is working on. A story for this issue has been automatically created.

The current status is as follows:

  • [ ] #142860271 Enable ssh key verification for hosts

This comment, as well as the labels on the issue, will be automatically updated as the status in Tracker changes.

concourse-bot avatar Mar 31 '17 16:03 concourse-bot

Are we trying to keep retro compatibility with that feature ? Do we want to ignore ssh fingerprint checking unless it was explicitly defined ?

gcmalloc avatar Apr 25 '18 05:04 gcmalloc