Added an option to disable known_hosts autopopulation
Prod-Related: PROD-34958
Change-Id: Idb8e79f3442b730bab0ea17614f9563cf539174a
diff --git a/README.rst b/README.rst
index ed5cb0f..9e7a3b1 100644
--- a/README.rst
+++ b/README.rst
@@ -30,6 +30,15 @@
key: ${_param:root_private_key}
user: ${linux:system:user:root}
+* The OpenSSH client known_hosts autopopulation control:
+
+ .. code-block:: yaml
+
+ openssh:
+ client:
+ enabled: true
+ known_hosts_autopopulation: false
+
* The OpenSSH client configuration with an individual private key and known
host:
diff --git a/openssh/client/known_host.sls b/openssh/client/known_host.sls
index 3a2273f..168af77 100644
--- a/openssh/client/known_host.sls
+++ b/openssh/client/known_host.sls
@@ -52,7 +52,7 @@
{%- if host.port is defined %}
- port: {{ host.port }}
{%- endif %}
- {%- if grains.get('noservices') %}
+ {%- if grains.get('noservices') or not client.get('known_hosts_autopopulation', True) %}
- onlyif: /bin/false
{%- endif %}
- timeout: 15
diff --git a/tests/test-requirements.txt b/tests/test-requirements.txt
index 7188b2b..bc7dc7f 100644
--- a/tests/test-requirements.txt
+++ b/tests/test-requirements.txt
@@ -1,3 +1,4 @@
jsonschema
reno
setuptools<45.0.0
+msgpack<1.0.0