duplicity-talk

Re: [Duplicity-talk] Why -oUserKnownHostsFile=/dev/null


From: Peter Schuller
Subject: Re: [Duplicity-talk] Why -oUserKnownHostsFile=/dev/null
Date: Thu, 23 Aug 2007 22:26:00 +0200
User-agent: KMail/1.9.7

> Very simply, simplicity.  SSH can generate 2-3 different paths to script
> depending on what is in the known_hosts file, and automatic responses to
> those may in themselves be a security issue, so which way to go?  I took
> the easy route and got it working.
>
> Remember the goal, non-attended backup.  I don't want to be up at 2am
> when the backup starts.

How about an --ssh-strict-checking switch which turns this on again, as well 
as defaulting to it on when running with --no-encryption?

I can buy the convenience default as long as the backups are encrypted, 
because MITM attacks will not mean information disclosure. But without 
encryption it really feels overly risky.

(If you agree I'll come up with a patch.)

-- 
/ Peter Schuller

PGP userID: 0xE9758B7D or 'Peter Schuller <address@hidden>'
Key retrieval: Send an E-Mail to address@hidden
E-Mail: address@hidden Web: http://www.scode.org
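
The policy proposed in the message above (strict host-key checking on request, and by default whenever backups are unencrypted), sketched as an added example; it is not duplicity's code and not the patch offered in the thread. The helper names, the sample hosts and the use of `BatchMode` and `StrictHostKeyChecking` for the strict path are assumptions of this sketch.

```python
import base64
import hashlib
import hmac

def host_is_pinned(known_hosts_text, host):
    """Exact-match lookup, plain or hashed entries; wildcards and @-marker lines are not pins."""
    for line in known_hosts_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0][0] in "#@":
            continue
        names = fields[0]
        if names.startswith("|1|"):  # HashKnownHosts form: |1|salt|HMAC-SHA1(salt, host)
            try:
                _, _, salt_b64, mac_b64 = names.split("|")
                salt, mac = base64.b64decode(salt_b64), base64.b64decode(mac_b64)
            except ValueError:
                continue  # malformed hashed entry: ignore it
            digest = hmac.new(salt, host.encode(), hashlib.sha1).digest()
            if hmac.compare_digest(digest, mac):
                return True
        elif host in names.split(","):
            return True
    return False

def ssh_options(host, encrypted, strict_checking=False, known_hosts_path=None):
    """ssh -o options under the proposed policy (hypothetical helper)."""
    if encrypted and not strict_checking:
        # Convenience default from the thread: no host-key memory at all.
        return ["-oUserKnownHostsFile=/dev/null"]
    if known_hosts_path is None:
        raise ValueError("strict checking needs a known_hosts file")
    with open(known_hosts_path) as fh:
        if not host_is_pinned(fh.read(), host):
            # Fail at configuration time, not when the unattended job runs.
            raise ValueError("no pinned host key for %s" % host)
    # One scripted path only: ssh never prompts, it accepts the pinned key or exits.
    return ["-oBatchMode=yes", "-oStrictHostKeyChecking=yes",
            "-oUserKnownHostsFile=" + known_hosts_path]

def hashed_entry(host, salt, key="ssh-ed25519 CONSTRUCTED_PLACEHOLDER_KEY"):
    """Build a constructed hashed known_hosts line for the sample below."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s %s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode(), key)

# Constructed sample: one plain entry and one hashed entry.
SAMPLE = ("backup.example.org ssh-ed25519 CONSTRUCTED_PLACEHOLDER_KEY\n"
          + hashed_entry("vault.example.org", b"constructed-salt") + "\n")
```

With a pinned key and these options, an unknown or changed host key makes ssh exit non-zero instead of asking a question, so the job has a single outcome to script.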




