-
由 Amador Pahim 提交于
When Avocado runs tests on remote machines it always accepts the host SSH key fingerprint. This could allow credentials to be stolen if the remote host name or address is spoofed. This patch adds to Avocado the configuration option to enable/disable the reject_unknown_hosts option, so user can choose between safe or flexible. Notice there is an issue in Paramiko where it does not recognizes ecdsa keys in known_hosts file. So for reject_unknown_hosts to work, we currently have to accept the remote host key fingerprint in RSA format. To do so, the SSH command shouled be like below: $ ssh -oHostKeyAlgorithms='ssh-rsa' <host> Reference: https://trello.com/c/oqyAvZBqSigned-off-by: NAmador Pahim <apahim@redhat.com>
661a9abb