Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Re-enable SSH host key checking for all operations except when adding repo #717

Merged
merged 5 commits into from
Nov 18, 2020
Merged

Re-enable SSH host key checking for all operations except when adding repo #717

merged 5 commits into from
Nov 18, 2020

Conversation

m3nu
Copy link
Contributor

@m3nu m3nu commented Nov 17, 2020
edited
Loading

This limits accepting unknown SSH host keys to the inital repo setup. I.e. borg info and borg init. All other operations would fail if the original host key changed.

This is a trade-off between usability and security. Eventually we'd like to ask for the host key fingerprint when adding a new repo and verify it when adding.

See also: #714

@m3nu m3nu changed the title Keep SSH host key checking. Fixes #714 Keep SSH host key checking. Nov 17, 2020
@m3nu m3nu force-pushed the issue/714/verify-host-key branch from dc33b70 to e8f8721 Compare November 17, 2020 05:17
@m3nu m3nu changed the title Keep SSH host key checking. Re-enable SSH host key checking for all operations except when adding repo Nov 17, 2020
@samuel-w
Copy link
Contributor

I get this crash with a custom SSH key

Traceback (most recent call last):
  File "/home/user/Projects/vorta-manu/src/vorta/views/archive_tab.py", line 211, in list_action
    thread = BorgListRepoThread(params['cmd'], params, parent=self.app)
  File "/home/user/Projects/vorta-manu/src/vorta/borg/borg_thread.py", line 80, in __init__
    env['BORG_RSH'] += f' -i {ssh_key_path}'
KeyError: 'BORG_RSH'
Aborted

@m3nu
Copy link
Contributor Author

m3nu commented Nov 17, 2020

Good find. Let me fix that.

@m3nu
Copy link
Contributor Author

m3nu commented Nov 17, 2020

Should be fixed now, @samuel-w

@m3nu @samuel-w
Update src/vorta/borg/borg_thread.py
afb517c 
Nice

Co-authored-by: Samuel <samuel.woon@protonmail.com>
@m3nu m3nu merged commit 0558136 into borgbase:master Nov 18, 2020
@m3nu
Copy link
Contributor Author

m3nu commented Nov 18, 2020

Thanks for reviewing and improving, @samuel-w 🙏

@m3nu m3nu deleted the issue/714/verify-host-key branch January 20, 2021 05:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@samuel-w samuel-w samuel-w approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@m3nu @samuel-w