From f5c180180e848b83d8ccdf6015cd7f214372d599 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Tue, 3 Dec 2019 21:41:54 +0100 Subject: ssh: Always authenticate the server [security fix]. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Until now, users of 'open-ssh-session', including "guix deploy" and "GUIX_DAEMON_SOCKET=ssh://…" (but not "guix offload"), would not authenticate the SSH server they're talking to. * guix/ssh.scm (open-ssh-session): Call 'authenticate-server'. --- guix/ssh.scm | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/guix/ssh.scm b/guix/ssh.scm index f34e71392b..519c723155 100644 --- a/guix/ssh.scm +++ b/guix/ssh.scm @@ -125,6 +125,17 @@ Throw an error on failure." (match (connect! session) ('ok + ;; Authenticate against ~/.ssh/known_hosts. + (match (authenticate-server session) + ('ok #f) + (reason + (raise (condition + (&message + (message (format #f (G_ "failed to authenticate \ +server at '~a': ~a") + (session-get session 'host) + reason))))))) + ;; Use public key authentication, via the SSH agent if it's available. (match (userauth-public-key/auto! session) ('success -- cgit 1.4.1