Fix host key validation

MightyMoud · Sep 20, 2024 · 08c7c6f · 08c7c6f
1 parent 22454bf
commit 08c7c6f
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 14 deletions.
diff --git a/cmd/init.go b/cmd/init.go
@@ -98,6 +98,12 @@ var initCmd = &cobra.Command{
 		viper.Set("dockerUsername", dockerUsername)
 		viper.Set("certEmail", certEmail)
 
+		keyAddSshCommand := exec.Command("sh", "-s", "-", server)
+		keyAddSshCommand.Stdin = strings.NewReader(utils.SshKeysScript)
+		if sshAddErr := keyAddSshCommand.Run(); sshAddErr != nil {
+			panic(sshAddErr)
+		}
+
 		multi := pterm.DefaultMultiPrinter
 		setupProgressBar, _ := pterm.DefaultProgressbar.WithTotal(6).WithWriter(multi.NewWriter()).Start("Sidekick Booting up (2m estimated)  ")
 		rootLoginSpinner, _ := utils.GetSpinner().WithWriter(multi.NewWriter()).Start("Logging into with root")

diff --git a/cmd/launch.go b/cmd/launch.go
@@ -40,12 +40,6 @@ var launchCmd = &cobra.Command{
 			os.Exit(1)
 		}
 
-		keyAddSshCommand := exec.Command("sh", "-s", "-", viper.Get("serverAddress").(string))
-		keyAddSshCommand.Stdin = strings.NewReader(utils.SshKeysScript)
-		if sshAddErr := keyAddSshCommand.Run(); sshAddErr != nil {
-			panic(sshAddErr)
-		}
-
 		if utils.FileExists("./dockerfile") {
 			pterm.Info.Println("Dockerfile detected - scanning file for details")
 		} else {

diff --git a/utils/utils.go b/utils/utils.go
@@ -31,6 +31,9 @@ import (
 	"github.com/spf13/viper"
 	"golang.org/x/crypto/ssh"
 	"golang.org/x/crypto/ssh/agent"
+	"golang.org/x/crypto/ssh/knownhosts"
+	"os/user"
+
 	"gopkg.in/yaml.v3"
 )
 
@@ -40,7 +43,7 @@ type CommandsStage struct {
 	SpinnerFailMessage    string
 }
 
-func GetSshClient(server string, user string) (*ssh.Client, error) {
+func GetSshClient(server string, sshUser string) (*ssh.Client, error) {
 	sshPort := "22"
 	// connect to local ssh-agent to grab all keys
 	sshAgentSock := os.Getenv("SSH_AUTH_SOCK")
@@ -66,18 +69,19 @@ func GetSshClient(server string, user string) (*ssh.Client, error) {
 		return nil, err
 	}
 
+	currentUser, err := user.Current()
+	knownHostsCallback, err := knownhosts.New(fmt.Sprintf("%s/.ssh/known_hosts", currentUser.HomeDir))
+	if err != nil {
+		log.Fatalf("Error loading known hosts: %v", err)
+		os.Exit(1)
+	}
 	// now that we have our key, we need to start ssh client sesssion
-	// ƒirst we make some config we pass later
 	config := &ssh.ClientConfig{
-		User: user,
+		User: sshUser,
 		Auth: []ssh.AuthMethod{
-			// passing the public keys to callback to get the auth methods
 			ssh.PublicKeysCallback(agentClient.Signers),
 		},
-		HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
-			// use OpenSSH's known_hosts file if you care about host validation
-			return nil
-		},
+		HostKeyCallback: knownHostsCallback,
 	}
 
 	// create SSH client with the said config and connect to server