From: Ludovic Courtès
To: "Jakob L. Kreuze"
Cc: 38478@debbugs.gnu.org
Subject: [bug#38478] [PATCH 4/4] machine: ssh: <machine-ssh-configuration> can include the host key.
Date: Fri, 06 Dec 2019 13:16:41 +0100
Message-ID: <87a785abti.fsf@gnu.org>
In-Reply-To: <87eexil1kq.fsf@sdf.lonestar.org> (Jakob L. Kreuze's message of "Thu, 05 Dec 2019 19:50:13 -0500")

Hi!

zerodaysfordays@sdf.lonestar.org (Jakob L. Kreuze) skribis:

> Ludovic Courtès writes:

[...]

>> BTW, I’m wondering if we should go further and deprecate missing/#f
>> ‘host-key’ fields altogether.  WDYT?
>>
>> To me it just seems wiser to have that info within the deploy config
>> rather than out-of-band in ~/.ssh/known_hosts.
>
> I feel that's more in-line with the goals of Guix -- implicitly reading
> ~/.ssh/known_hosts doesn't seem declarative to me. What's our means for
> deprecating features like that? A warning message when omitted? If
> that's the case, I'm definitely on board.

Yup, we can emit a deprecation warning when the key is #f.

So let’s take that route if nobody objects.  It’s easier to deprecate it
now that “guix deploy” is still very new.

Ludo’.