Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
EC2: disable strict host checking for SSH
It's safe to assume the first connection to the host returned by EC2 is safe, since noone will really check if IP is withing amazon IP ranges cc @edolstra @rbvermaa
- Loading branch information
1 parent
69e608a
commit b104025
b104025There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wait, why is this needed?
Strict host key checking should work fine because NixOps specifies the initial host key via the instance user data.
b104025There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It could be it's broken now? I'm using
nixopsUnstableand 17.03 as base image. So probably best to revert this and dig into why it's broken.b104025There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, I haven't seen any problems, but I haven't tried 17.03.
b104025There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reverted in 5a9adc8
b104025There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I see problems with nixpkgs 16.09 + nixops 1.5. In clean environment I get "Host key verification failed".