[GitHub] [airflow] aaronfowles commented on a change in pull request #7739: [AIRFLOW-7044] Add host_key option to SSH connection extras

[GitBox <gi...@apache.org>]

aaronfowles commented on a change in pull request #7739:
URL: https://github.com/apache/airflow/pull/7739#discussion_r411204750



##########
File path: airflow/providers/ssh/hooks/ssh.py
##########
@@ -275,3 +281,36 @@ def create_tunnel(
                       category=DeprecationWarning)
 
         return self.get_tunnel(remote_port, remote_host, local_port)
+
+    @staticmethod
+    def _add_new_record_to_known_hosts(record, file):
+        file.write(''.join([record, '\n']))
+
+    @staticmethod
+    def add_host_to_known_hosts(host, key_type, host_key):
+        """This adds a specified remote_host public key to the known_hosts
+            in order to prevent man-in-the-middle attacks."""
+        # The .ssh hidden directory is required and not present on all airflow deployments
+        known_hosts_file_ref = SSHHook._create_known_hosts()

Review comment:
       @RosterIn Thanks for the input. Yes, I was assuming the user would have write access to everything under their home dir but there are certainly instances where this may not be the case which I hadn't considered such as default umask for example. Changes made.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org