cli, etcd, lib, setup: Support ssh hostkey logic

This makes it easy to pass in the expected key so that we never have to guess and risk MITM attacks.
2025-06-07 17:55:41 -04:00
parent 55eeb50fb4
commit 1ccec72a7c
5 changed files with 113 additions and 32 deletions
--- a/setup/svc.go
+++ b/setup/svc.go
@@ -115,6 +115,11 @@ func (obj *Svc) Run(ctx context.Context) error {
 			argv = append(argv, fmt.Sprintf("--ssh-url=%s", s))
 		}

+		if s := obj.SetupSvcArgs.SSHHostKey; s != "" {
+			// TODO: validate ssh url? Should be user@server:port
+			argv = append(argv, fmt.Sprintf("--ssh-hostkey=%s", s))
+		}
+
 		for _, seed := range obj.SetupSvcArgs.Seeds {
 			// TODO: validate each seed?
 			s := fmt.Sprintf("--seeds=%s", seed)