When UserKnownHostsFile is set to /dev/null in /etc/ssh/ssh_config, 'check_ssh_target()' will return 1 and make 'kdumpctl (re)start' failed. This patch enables kdumpctl to print information about this issue to help users locate the problem. But setting UserKnownHostsFile to 'no' (mentioned here https://bugzilla.redhat.com/show_bug.cgi?id=1360131) isn't under consideration since it seems like that OpenSSH doesn't support such a method to disable host key checking.
Signed-off-by: Tong Li tonli@redhat.com --- kdumpctl | 8 ++++++++ 1 file changed, 8 insertions(+)
diff --git a/kdumpctl b/kdumpctl index cb6f004..f0f3ae2 100755 --- a/kdumpctl +++ b/kdumpctl @@ -700,6 +700,14 @@ check_ssh_config() check_ssh_target() { local _ret + # We need to check host key when dumping to a ssh target, so remind user if UserKnownHostsFile + # is set to /dev/null, which is used to disable host key checking. + grep -E "^\s*UserKnownHostsFile\s+/dev/null" /etc/ssh/ssh_config &>/dev/null + _ret=$? + if [ $_ret -eq 0 ]; then + echo "Could not check host key, you need to change UserKnownHostsFile in /etc/ssh/ssh_config to a normal file" >&2 + return 1 + fi ssh -q -i $SSH_KEY_LOCATION -o BatchMode=yes $DUMP_TARGET mkdir -p $SAVE_PATH _ret=$? if [ $_ret -ne 0 ]; then
Hi, Tong
On 12/01/16 at 01:43pm, Tong Li wrote:
When UserKnownHostsFile is set to /dev/null in /etc/ssh/ssh_config, 'check_ssh_target()' will return 1 and make 'kdumpctl (re)start' failed. This patch enables kdumpctl to print information about this issue to help users locate the problem. But setting UserKnownHostsFile to 'no' (mentioned here https://bugzilla.redhat.com/show_bug.cgi?id=1360131) isn't under consideration since it seems like that OpenSSH doesn't support such a method to disable host key checking.
We force using -o StrictHostKeyChecking=yes in kdump scripts so it conflicts with our code. It should be corner case we can ignore it to keep the code simpler.
Signed-off-by: Tong Li tonli@redhat.com
kdumpctl | 8 ++++++++ 1 file changed, 8 insertions(+)
diff --git a/kdumpctl b/kdumpctl index cb6f004..f0f3ae2 100755 --- a/kdumpctl +++ b/kdumpctl @@ -700,6 +700,14 @@ check_ssh_config() check_ssh_target() { local _ret
- # We need to check host key when dumping to a ssh target, so remind user if UserKnownHostsFile
- # is set to /dev/null, which is used to disable host key checking.
- grep -E "^\s*UserKnownHostsFile\s+/dev/null" /etc/ssh/ssh_config &>/dev/null
- _ret=$?
- if [ $_ret -eq 0 ]; then
echo "Could not check host key, you need to change UserKnownHostsFile in /etc/ssh/ssh_config to a normal file" >&2return 1- fi ssh -q -i $SSH_KEY_LOCATION -o BatchMode=yes $DUMP_TARGET mkdir -p $SAVE_PATH _ret=$? if [ $_ret -ne 0 ]; then
-- 2.7.4 _______________________________________________ kexec mailing list -- kexec@lists.fedoraproject.org To unsubscribe send an email to kexec-leave@lists.fedoraproject.org
Thanks Dave
-
Dave Young -
Tong Li