offload: Do not read ~/.ssh/known_hosts.

* guix/scripts/offload.scm (open-ssh-session): Pass #:knownhosts to
'make-session'.
This commit is contained in:
Ludovic Courtès 2016-12-09 14:54:42 +01:00
parent 750778abd4
commit bd8345777f
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5

View file

@ -177,6 +177,14 @@ (define (open-ssh-session machine)
;; #:log-verbosity 'protocol
#:identity (build-machine-private-key machine)
;; By default libssh reads ~/.ssh/known_hosts
;; and uses that to adjust its choice of cipher
;; suites, which changes the type of host key
;; that the server sends (RSA vs. Ed25519,
;; etc.). Opt for something reproducible and
;; stateless instead.
#:knownhosts "/dev/null"
;; We need lightweight compression when
;; exchanging full archives.
#:compression