mirror of
https://github.com/webfactory/ssh-agent.git
synced 2025-06-28 21:53:46 +00:00
Stop adding GitHub SSH keys (#171)
We need to fix the SSH keys shipped with this action: https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/ But, we have another issue (https://github.com/webfactory/ssh-agent/pull/108) with regards to host keys: On self-hosted runners which are not ephemeral the known_host file fills up with repeated entries, because every action run adds a new line with the same host keys. Also, on those machines, the old key will still be in the `known_hosts` file. IMHO this action should not be repsonsible for shipping SSH host keys, that's too much responsibility. This section in the code is a leftover from early days when GitHub provided runners did not include SSH keys at all. For a long time already, GH takes care of placing their SSH keys in their runner images. For self-hosted runners, those people setting up the runner should fetch and verify SSH keys themselves and put it into the `known_hosts` file. I know this is a breaking change and is going to annoy users. But on the other hand, there is no better opportunity to drop this feature than with an emergency-style key revocation as today. Closes #106, closes #129, closes #169, closes #170, closes #172.
This commit is contained in:
Matthias Pigulla
GitHub
parent
ea17a056b9
commit
d4b9b8ff72
4 changed files with 73 additions and 55 deletions
|
|
@ -272,4 +272,4 @@ developer looking for new challenges, we'd like to hear from you!
|
|||
- <https://www.webfactory.de>
|
||||
- <https://twitter.com/webfactory>
|
||||
|
||||
Copyright 2019 – 2022 webfactory GmbH, Bonn. Code released under [the MIT license](LICENSE).
|
||||
Copyright 2019 – 2023 webfactory GmbH, Bonn. Code released under [the MIT license](LICENSE).
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue