-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add documentation that SSH markers aren't supported #11586
Conversation
Cargo doesn't support the `@cert-authority` or `@revoked` markers in SSH Known Hosts files. The lines are silently ignored. If a user is depending on these lines to connect to a Git server via SSH, then their command line Git client will work, but Cargo will fail with an error that the host key doesn't match. This change adds a note explaining that Cargo doesn't support these markers and suggests that the user change their cargo configuration to fetch with the CLI client instead. Refs: rust-lang#11577
Thanks for the pull request, and welcome! The Rust team is excited to review your changes, and you should hear from @weihanglo (or someone else) soon. Please see the contribution instructions for more information. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks nice. Thank you for taking care of this!
@bors r+ |
☀️ Test successful - checks-actions |
9 commits in 1cd6d3803dfb0b342272862a8590f5dfc9f72573..a5d47a72595dd6fbe7d4e4f6ec20dc5fe724edd1 2023-01-12 18:40:36 +0000 to 2023-01-16 18:51:50 +0000 - Add network container tests (rust-lang/cargo#11583) - Show progress of crates.io index update even `net.git-fetch-with-cli` option enabled (rust-lang/cargo#11579) - `cargo metadata` supports artifact dependencies (rust-lang/cargo#11550) - fix(docs): add required "inherits" option to example profile (rust-lang/cargo#11504) - add documentation that SSH markers aren't supported (rust-lang/cargo#11586) - Fix typo (rust-lang/cargo#11585) - Enable source_config_env test on Windows (rust-lang/cargo#11582) - Support `codegen-backend` and `rustflags` in profiles in config file (rust-lang/cargo#11562) - ci: reflect to clap updates (rust-lang/cargo#11578)
Update cargo 9 commits in 1cd6d3803dfb0b342272862a8590f5dfc9f72573..a5d47a72595dd6fbe7d4e4f6ec20dc5fe724edd1 2023-01-12 18:40:36 +0000 to 2023-01-16 18:51:50 +0000 - Add network container tests (rust-lang/cargo#11583) - Show progress of crates.io index update even `net.git-fetch-with-cli` option enabled (rust-lang/cargo#11579) - `cargo metadata` supports artifact dependencies (rust-lang/cargo#11550) - fix(docs): add required "inherits" option to example profile (rust-lang/cargo#11504) - add documentation that SSH markers aren't supported (rust-lang/cargo#11586) - Fix typo (rust-lang/cargo#11585) - Enable source_config_env test on Windows (rust-lang/cargo#11582) - Support `codegen-backend` and `rustflags` in profiles in config file (rust-lang/cargo#11562) - ci: reflect to clap updates (rust-lang/cargo#11578) r? `@ghost`
Congrats @hds! Your doc enhancement is live on https://doc.rust-lang.org/nightly/cargo/appendix/git-authentication.html#ssh-known-hosts. Check it out. Also thank you again! |
Fantastic! Thanks for the review and for letting me know! |
What does this PR try to resolve?
Cargo doesn't support the
@cert-authority
or@revoked
markers in SSHKnown Hosts files. The lines are silently ignored.
If a user is depending on these lines to connect to a Git server via
SSH, then their command line Git client will work, but Cargo will fail
with an error that the host key doesn't match.
This change adds a note explaining that Cargo doesn't support these
markers and suggests that the user change their cargo configuration to
fetch with the CLI client instead.
This PR fixes the first part (of 4) of the suggested tasks to fix #11577.
How should we test and review this PR?
This change only modifies the Cargo book source. Running
mdbook build
and checking the SSH Known Hosts section of the appendix on Git
authentication should be sufficient to test the PR.
Additional information
The note in this section repeats what is said in the higher section on
SSH authentication, however given the recently implemented host key
checking, it seems worth calling out the limitation that Cargo doesn't
support these markers in the SSH known hosts file explicitly. Hopefully,
it reduces support requests and questions as well.