Skip to content

fix!: use names not IDs for agent SSH key seed #17258

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 4, 2025
Merged

fix!: use names not IDs for agent SSH key seed #17258

merged 1 commit into from
Apr 4, 2025

Conversation

spikecurtis
Copy link
Contributor

Changes the SSH host key seeding to use the owner username, workspace name, and agent name. This prevents SSH from complaining about a mismatched host key if you use Coder Desktop to connect, and delete and recreate your workspace with the same name. Previously this would generate a different key because the workspace ID changed.

We also include the owner's username in anticipation of using Coder Desktop to access shared workspaces (or as a superuser) down the road, so that workspaces with the same name owned by different users will not have the same key.

This change is BREAKING in a limited sense that early access users of Coder Desktop will see their SSH clients complain about host keys changing the first time each workspace is rebuilt with this code. It can be resolved by clearing your .ssh/known_hosts file of the Coder workspaces you access this way.

@spikecurtis spikecurtis added the release/breaking This label is applied to PRs to detect breaking changes as part of the release process label Apr 4, 2025
@spikecurtis spikecurtis self-assigned this Apr 4, 2025
@github-actions github-actions bot changed the title fix: use names not IDs for agent SSH key seed fix!: use names not IDs for agent SSH key seed Apr 4, 2025
mafredri
mafredri approved these changes Apr 4, 2025
View reviewed changes
agent/agent.go
return 42, err
}
// null separators between strings so that (dog, foodstuff) is distinct from (dogfood, stuff)
_, err = h.Write([]byte{0})
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍🏻

@spikecurtis spikecurtis merged commit f6bf6c6 into main Apr 4, 2025
38 checks passed
@spikecurtis spikecurtis deleted the spike/ssh-key-seed branch April 4, 2025 08:51
@github-actions github-actions bot locked and limited conversation to collaborators Apr 4, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@mafredri mafredri mafredri approved these changes

@ethanndickson ethanndickson Awaiting requested review from ethanndickson

Assignees

@spikecurtis spikecurtis

Labels
release/breaking This label is applied to PRs to detect breaking changes as part of the release process
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@spikecurtis @mafredri