website/docs: add note re. SSH hostkey validation to provisioner connection doc (#25355)

This commit is contained in:
Jamie Finnigan 2020-06-24 05:09:06 -07:00 committed by GitHub
parent 3178d7d7ac
commit be510e53bc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 0 deletions

View File

@ -20,6 +20,12 @@ for some connection settings, so that `connection` blocks could sometimes be
omitted. This feature was removed in 0.12 in order to make Terraform's behavior
more predictable.
-> **Note:** Since the SSH connection type is most often used with
newly-created remote resources, validation of SSH host keys is disabled by
default. In scenarios where this is not acceptable, a separate mechanism for
key distribution could be established and the `host_key` directive documented
below explicitly set to verify against a specific key or signing CA.
Connection blocks don't take a block label, and can be nested within either a
`resource` or a `provisioner`.