in internal/remote/remote.go [113:143]
func (r *remote) publicKey(host, knownHostsPath string) error {
// parse OpenSSH known_hosts file
// ssh or use ssh-keyscan to get initial key
fd, err := os.Open(knownHostsPath)
if err != nil {
return fmt.Errorf("an error occurred when opening known_hosts. %v", err)
}
defer fd.Close()
// support -H parameter for ssh-keyscan
hashhost := knownhosts.HashHostname(host)
scanner := bufio.NewScanner(fd)
for scanner.Scan() {
_, hosts, key, _, _, err := ssh.ParseKnownHosts(scanner.Bytes())
if err != nil {
log.Logger.Errorf("failed to parse known_hosts: %s", scanner.Text())
r.usageMetricsLogger.Error(agentstatus.ParseKnownHostsError)
continue
}
for _, h := range hosts {
if h == host || h == hashhost {
r.key.PublicKey = key
return nil
}
}
}
return fmt.Errorf("known host file does not contain host %s; please SSH into host first to verify fingerprint", host)
}