Update Automation To Facilitate More-Transparent Rebuilding
ferricoxide opened this issue · comments
Thomas H Jones II commented
Problem Description:
Upon reprovisioning, all service-users that use SSH for push/pull operations receive spurious main-in-the-middle-attack errors.
Expected Behavior:
After a rebuild event, SSH-based git actions do not experience main-in-the-middle-attack warnings.
Actual Behavior:
After a rebuild event, SSH-based git actions experience (objectively spurious) main-in-the-middle-attack warnings.
Fix recommendation:
Ensure that, upon provisioning:
- A replacement-host checks for availability of prior host's SSH hostkeys, installing them if present
- If no prior hostkeys present, generate new ones and upload to a location that further replacement-hosts can pull from
Thomas H Jones II commented
Superseded by #27