Give the option to avoid usage of ssh.InsecureIgnoreHostKey when connecting to ssh #453

Open
aspacca opened this issue Feb 20, 2025 · 1 comment

aspacca commented Feb 20, 2025

What do you want?

Avoid the usage of ssh.InsecureIgnoreHostKey in the config for the ssh client.

Why do you want this?

InsecureIgnoreHostKey returns a function that can be used for ClientConfig.HostKeyCallback to accept any host key. It should not be used for production code. Using it for production code is against security first principles.

Recommended solution

Not sure about this: I haven't checked yet if there is the possibility of writing a default HostKeyCallback that will work for every scenario. And if not, from the little investigation I've done so far, it's still unclear to me how to provide a way to "inject" a user-defined callback through k3sup flags (you can figure out why :))

Additional context

Please consider this as my offer to contribute a PR adding the feature. I have no recommended solutions yet. I'm glad either to discuss one together, or to receive specific implementation requirements that I'd just have to contribute to by writing the code.

@alexellis
Owner

> InsecureIgnoreHostKey returns a function that can be used for ClientConfig.HostKeyCallback to accept any host key. It should not be used for production code. Using it for production code is against security first principles

The concept of k3sup is to be able to use automation / quickly created VMs to perform a HA installation.

Are you suggesting that you are willing to log into each VM, and download its Host key footprint, and to manually insert it into your trust store, before running k3sup?

How else do you envision this workflow?
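
One way the host key check discussed in this thread could work without a manual trust-store step, as an added example that is not k3sup's code and not a proposal from either participant: a pin store that either trusts a key on first use and rejects later changes, or checks against fingerprints supplied up front. `PinStore`, `Check` and `AllowFirst` are hypothetical names, the address and key bytes are constructed, and the block uses only the standard library, with the wiring into `ssh.ClientConfig` shown as a comment.

```go
package main

import (
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"sync"
)

// Fingerprint renders a marshaled host key like ssh.FingerprintSHA256 does.
func Fingerprint(keyBlob []byte) string {
	sum := sha256.Sum256(keyBlob)
	return "SHA256:" + base64.RawStdEncoding.EncodeToString(sum[:])
}

// PinStore (hypothetical name) holds the expected fingerprint per "host:port".
type PinStore struct {
	mu         sync.Mutex
	Pins       map[string]string
	AllowFirst bool // trust on first use: record unknown hosts instead of rejecting
}

// Check returns nil only when the presented key matches the pin for host.
func (s *PinStore) Check(host string, keyBlob []byte) error {
	got := Fingerprint(keyBlob)
	s.mu.Lock()
	defer s.mu.Unlock()
	want, known := s.Pins[host]
	switch {
	case !known && s.AllowFirst:
		if s.Pins == nil {
			s.Pins = map[string]string{}
		}
		s.Pins[host] = got // first contact: remember this key
		return nil
	case !known:
		return fmt.Errorf("no pinned host key for %s (presented %s)", host, got)
	case want != got:
		return fmt.Errorf("host key mismatch for %s: pinned %s, presented %s", host, want, got)
	}
	return nil
}

func main() {
	// Wiring into golang.org/x/crypto/ssh (not imported here), as ClientConfig.HostKeyCallback:
	//   func(h string, _ net.Addr, k ssh.PublicKey) error { return store.Check(h, k.Marshal()) }
	store := &PinStore{AllowFirst: true}
	host := "192.0.2.10:22" // constructed address and key bytes
	fmt.Println(store.Check(host, []byte("key-A")), store.Check(host, []byte("key-B")))
}
```

With `AllowFirst` set to false and `Pins` filled from fingerprints recorded when the VMs were created (an assumption about the provisioning step), an unknown or changed key is rejected on the first connection as well.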
