Skip to content

Commit ed406ec

Browse files
LadmeLadme
committed
Removed strict host key checking when using ssh
1 parent 8a213bf commit ed406ec

3 files changed

Lines changed: 24 additions & 11 deletions

File tree

src/qq_lib/batch/interface/interface.py

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -377,6 +377,7 @@ def read_remote_file(cls, host: str, file: Path) -> str:
377377
"ssh",
378378
"-o PasswordAuthentication=no",
379379
"-o GSSAPIAuthentication=yes",
380+
"-o StrictHostKeyChecking=no", # allow unknown hosts
380381
f"-o ConnectTimeout={CFG.timeouts.ssh}",
381382
"-q", # suppress some SSH messages
382383
host,
@@ -418,6 +419,7 @@ def write_remote_file(cls, host: str, file: Path, content: str) -> None:
418419
"ssh",
419420
"-o PasswordAuthentication=no",
420421
"-o GSSAPIAuthentication=yes",
422+
"-o StrictHostKeyChecking=no", # allow unknown hosts
421423
f"-o ConnectTimeout={CFG.timeouts.ssh}",
422424
host,
423425
f"cat > {file}",
@@ -456,6 +458,7 @@ def make_remote_dir(cls, host: str, directory: Path) -> None:
456458
"ssh",
457459
"-o PasswordAuthentication=no",
458460
"-o GSSAPIAuthentication=yes",
461+
"-o StrictHostKeyChecking=no", # allow unknown hosts
459462
f"-o ConnectTimeout={CFG.timeouts.ssh}",
460463
host,
461464
# ignore an error if the directory already exists
@@ -498,6 +501,7 @@ def list_remote_dir(cls, host: str, directory: Path) -> list[Path]:
498501
"ssh",
499502
"-o PasswordAuthentication=no",
500503
"-o GSSAPIAuthentication=yes",
504+
"-o StrictHostKeyChecking=no", # allow unknown hosts
501505
f"-o ConnectTimeout={CFG.timeouts.ssh}",
502506
host,
503507
f"ls -A {directory}",
@@ -542,6 +546,7 @@ def delete_remote_dir(cls, host: str, directory: Path) -> None:
542546
"ssh",
543547
"-o PasswordAuthentication=no",
544548
"-o GSSAPIAuthentication=yes",
549+
"-o StrictHostKeyChecking=no", # allow unknown hosts
545550
f"-o ConnectTimeout={CFG.timeouts.ssh}",
546551
host,
547552
f"yes | rm -r {directory}",
@@ -586,6 +591,7 @@ def move_remote_files(
586591
"ssh",
587592
"-o PasswordAuthentication=no",
588593
"-o GSSAPIAuthentication=yes",
594+
"-o StrictHostKeyChecking=no", # allow unknown hosts
589595
f"-o ConnectTimeout={CFG.timeouts.ssh}",
590596
host,
591597
mv_command,
@@ -766,6 +772,7 @@ def resubmit(
766772
"ssh",
767773
"-o PasswordAuthentication=no",
768774
"-o GSSAPIAuthentication=yes",
775+
"-o StrictHostKeyChecking=no", # allow unknown hosts
769776
f"-o ConnectTimeout={CFG.timeouts.ssh}",
770777
"-q", # suppress some SSH messages
771778
input_machine,
@@ -843,6 +850,7 @@ def _translate_ssh_command(cls, host: str, directory: Path) -> list[str]:
843850
"ssh",
844851
"-o PasswordAuthentication=no", # never ask for password
845852
"-o GSSAPIAuthentication=yes", # allow Kerberos tickets
853+
"-o StrictHostKeyChecking=no", # allow unknown hosts
846854
f"-o ConnectTimeout={CFG.timeouts.ssh}",
847855
host,
848856
"-t",
@@ -941,7 +949,8 @@ def _translate_rsync_excluded_command(
941949
command = [
942950
"rsync",
943951
"-e",
944-
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no", # allow Kerberos tickets and never ask for password
952+
# allow Kerberos tickets, never ask for password, allow unknown hosts
953+
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no -o StrictHostKeyChecking=no",
945954
"-rltD",
946955
]
947956
for file in relative_excluded:
@@ -987,7 +996,8 @@ def _translate_rsync_included_command(
987996
command = [
988997
"rsync",
989998
"-e",
990-
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no", # allow Kerberos tickets and never ask for password
999+
# allow Kerberos tickets, never ask for password, allow unknown hosts
1000+
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no -o StrictHostKeyChecking=no",
9911001
"-rltD",
9921002
]
9931003
for file in relative_included:

tests/test_batch_interface.py

Lines changed: 11 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,7 @@ def test_translate_ssh_command():
2222
"ssh",
2323
"-o PasswordAuthentication=no",
2424
"-o GSSAPIAuthentication=yes",
25+
"-o StrictHostKeyChecking=no",
2526
f"-o ConnectTimeout={CFG.timeouts.ssh}",
2627
host,
2728
"-t",
@@ -286,7 +287,7 @@ def test_translate_rsync_excluded_command_local_to_local():
286287
assert cmd == [
287288
"rsync",
288289
"-e",
289-
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no",
290+
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no -o StrictHostKeyChecking=no",
290291
"-rltD",
291292
"/source/",
292293
"/dest",
@@ -302,7 +303,7 @@ def test_translate_rsync_excluded_command_local_to_remote():
302303
assert cmd == [
303304
"rsync",
304305
"-e",
305-
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no",
306+
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no -o StrictHostKeyChecking=no",
306307
"-rltD",
307308
"/source/",
308309
"remotehost:/dest",
@@ -318,7 +319,7 @@ def test_translate_rsync_excluded_command_remote_to_local():
318319
assert cmd == [
319320
"rsync",
320321
"-e",
321-
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no",
322+
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no -o StrictHostKeyChecking=no",
322323
"-rltD",
323324
"remotehost:/source/",
324325
"/dest",
@@ -335,7 +336,7 @@ def test_translate_rsync_excluded_command_with_excludes():
335336
expected = [
336337
"rsync",
337338
"-e",
338-
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no",
339+
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no -o StrictHostKeyChecking=no",
339340
"-rltD",
340341
"--exclude",
341342
"temp",
@@ -354,7 +355,7 @@ def test_translate_rsync_excluded_command_empty_excludes_list():
354355
expected = [
355356
"rsync",
356357
"-e",
357-
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no",
358+
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no -o StrictHostKeyChecking=no",
358359
"-rltD",
359360
"/source/",
360361
"/dest",
@@ -467,7 +468,7 @@ def test_translate_rsync_included_command_local_to_local():
467468
expected = [
468469
"rsync",
469470
"-e",
470-
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no",
471+
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no -o StrictHostKeyChecking=no",
471472
"-rltD",
472473
"--include",
473474
"file1.txt",
@@ -497,7 +498,7 @@ def test_translate_rsync_included_command_local_to_remote():
497498
expected = [
498499
"rsync",
499500
"-e",
500-
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no",
501+
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no -o StrictHostKeyChecking=no",
501502
"-rltD",
502503
"--include",
503504
"file1.txt",
@@ -523,7 +524,7 @@ def test_translate_rsync_included_command_remote_to_local():
523524
expected = [
524525
"rsync",
525526
"-e",
526-
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no",
527+
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no -o StrictHostKeyChecking=no",
527528
"-rltD",
528529
"--include",
529530
"file1.txt",
@@ -549,7 +550,7 @@ def test_translate_rsync_included_command_no_files():
549550
expected = [
550551
"rsync",
551552
"-e",
552-
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no",
553+
"ssh -o GSSAPIAuthentication=yes -o PasswordAuthentication=no -o StrictHostKeyChecking=no",
553554
"-rltD",
554555
"--exclude",
555556
"*",
@@ -676,6 +677,7 @@ def test_batchinterface_delete_remote_dir_success(mock_run):
676677
"ssh",
677678
"-o PasswordAuthentication=no",
678679
"-o GSSAPIAuthentication=yes",
680+
"-o StrictHostKeyChecking=no",
679681
f"-o ConnectTimeout={CFG.timeouts.ssh}",
680682
"remote_host",
681683
"yes | rm -r /remote/dir",

tests/test_batch_pbs_pbs.py

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -50,6 +50,7 @@ def test_navigate_success(tmp_path):
5050
"ssh",
5151
"-o PasswordAuthentication=no",
5252
"-o GSSAPIAuthentication=yes",
53+
"-o StrictHostKeyChecking=no",
5354
f"-o ConnectTimeout={CFG.timeouts.ssh}",
5455
"fake.host.org",
5556
"-t",

0 commit comments

Comments
 (0)