freebsd/ports
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ports/sysutils/rubygem-openbolt/pkg-message
Romain Tartière e4b2538d1c
sysutils/rubygem-openbolt: New port 
OpenBolt is an open source orchestration tool that automates the manual work it
takes to maintain your infrastructure. Use OpenBolt to automate tasks that you
perform on an as-needed basis or as part of a greater orchestration workflow.
For example, you can use OpenBolt to patch and update systems, troubleshoot
servers, deploy applications, or stop and restart services. OpenBolt can be
installed on your local workstation and connects directly to remote targets
with SSH or WinRM, so you are not required to install any agent software.

OpenBolt is a community implementation of Puppet Bolt.

With hat:	puppet
2025-10-27 08:39:12 -10:00

37 lines
1.6 KiB
Plaintext
Raw Permalink Blame History

[
{ type: install
message: <<EOM
This port depends on security/rubygem-net-ssh which has stricter defaults that
OpenSSH: when using strict host key checking, security/rubygem-net-ssh will
refuse the connexion if both the remote host name and IP address are not on the
same line of a known_host file.
security/rubygem-net-ssh added support for disabling strict host key checking
in version 5.2.0, however this setting is still enabled by default because
upstream OpenSSH has it enabled by default. However, FreeBSD ships with a
modified version of OpenSSH where strict host key checking is disabled by
default. As a result:
- When adding an entry for a new host, only the host name is added in the
known_host file;
- The absence of CheckHostIP in the SSH configuration means the feature is
disabled while such absence is generally the indication of the feature
being enabled.
As a consequence, host key verification may need additional work:
- When using security/rubygem-net-ssh < 5.2.0, either:
- Disable host key checking totally (--no-host-key-check parameter of the
bolt command);
- Update your remote host entries in the known_hosts file to use the
format:
<host-name>,<IP address> <key-type> <key>
- When using security/rubygem-net-ssh >= 5.2.0
- Add "CheckHostIP no" to your SSH client configuration file
(/etc/ssh/ssh_config or ~/.ssh/config).
Some future version of security/rubygem-net-ssh should drop strict host key
checking entirely, for more details, see:
https://github.com/net-ssh/net-ssh/pull/663
EOM
}
]
Reference in New Issue View Git Blame Copy Permalink