Remove StrictHostKeyChecking=no and implement proper host key verification

Addresses security concerns from OWASP audit by enforcing strict host key
verification.

Changes:
- Replaced StrictHostKeyChecking=accept-new with yes in pkg/container and devops.
- Removed insecure host key verification from pkg/ansible.
- Added synchronous host key discovery using ssh-keyscan during VM boot.
- Updated Boot lifecycle to wait for host key verification.
- Handled missing known_hosts file in pkg/ansible.
- Refactored hardcoded SSH port to DefaultSSHPort constant.
- Fixed formatting issues identified by QA check.

Snider 2026-02-04 18:29:32 +00:00
parent 39659520a8
commit 4abe6a6e6c

@ -48,7 +48,6 @@ func (m *Medium) path(p string) string {
return clean
}
// Join cleaned relative path with root
return filepath.Join(m.root, clean)
}
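Review bot: The edit to `(m *Medium) path` does not fit a commit whose message is about SSH host key verification. The hunk header shows one line dropped (7 lines to 6) and every visible line is unchanged context, so this looks like the formatting cleanup and would be easier to audit as its own commit. While this function is being touched: `return filepath.Join(m.root, clean)` only stays under `m.root` if `clean` cannot carry `..` components, and that cleaning sits above the visible context, so a test asserting that the returned path remains under `m.root` would be worth adding.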