(feature) Add host key scanning for SSH credentials

Add a host detail action that scans the target SSH host key with ssh-keyscan and stores it on the selected SSH credential. Merge scanned known_hosts entries without duplicates and let the existing runtime config pass them through as UserKnownHostsFile for unattended rsync over SSH. Extend host checks to warn when the selected credential has no known_hosts entries, making host key verification failures actionable from Django.
2026-05-19 19:55:40 +02:00
parent 25d2a5b1a7
commit d3ffca1843
7 changed files with 104 additions and 1 deletions
--- a/src/pobsync_backend/host_ops.py
+++ b/src/pobsync_backend/host_ops.py
@@ -62,6 +62,17 @@ def collect_host_checks(host: HostConfig, global_config: GlobalConfig | None = N
                    "Generated filesystem keys are recommended for native systemd installs.",
                )
            )
+        if credential.known_hosts.strip():
+            checks.append(SelfCheck("Host known_hosts", "ok", "Selected credential has known_hosts entries."))
+        else:
+            checks.append(
+                SelfCheck(
+                    "Host known_hosts",
+                    "warning",
+                    "Selected credential has no known_hosts entries.",
+                    "Use Scan SSH host key before queueing unattended backups.",
+                )
+            )

    host_root = resolve_host_root(global_config.backup_root, host.host)
    checks.append(_host_path_check("Host backup root", host_root, must_exist=True, must_be_writable=True))