Github user necouchman commented on a diff in the pull request:

    https://github.com/apache/guacamole-server/pull/164#discussion_r179728057
  
    --- Diff: src/common-ssh/ssh.c ---
    @@ -518,6 +520,64 @@ guac_common_ssh_session* 
guac_common_ssh_create_session(guac_client* client,
             return NULL;
         }
     
    +    /* Check known_hosts, start by getting known_hosts file of user 
running guacd */
    +    struct passwd *pw = getpwuid(getuid());
    +    const char *known_hosts = strcat(pw->pw_dir, "/.ssh/known_hosts");
    +    LIBSSH2_KNOWNHOSTS *ssh_known_hosts = libssh2_knownhost_init(session);
    +    libssh2_knownhost_readfile(ssh_known_hosts, known_hosts, 
LIBSSH2_KNOWNHOST_FILE_OPENSSH);
    +
    --- End diff --
    
    I'm not dead set on this change, here, but basically, in addition to 
allowing the client to provide a host key, I've also put this code in that 
reads in the .ssh/known_hosts file from the user running guacd.  There may be 
situations where admins do not want to individually enter every host key in the 
Guacamole interface and would rather just copy the known_hosts file from a 
known good location.  There are a couple of alternatives we could consider to 
having it check the .ssh/known_hosts file from the guacd user's home directory:
    - Use /etc/guacamole/known_hosts, instead, or wherever guacd.conf is 
located.
    - Have the client pass through the location of a known_hosts file in 
addition to an actual host key.
    
    Thoughts?


---

Reply via email to