Because new Host stanzas are placed by this cookbook at the end of the file, those cannot be used to override any defaults that are present in a Host * block at the beginning of /etc/ssh/ssh_config.
man ssh_config says "Since the first obtained value for each parameter is used, more host-specific declarations should be given near the beginning of the file, and general defaults at the end."
For example, if StrictHostKeyChecking ask is set in Host *, then it is impossible to turn it off with
ssh_config 'github.com' do
options StrictHostKeyChecking: 'no'
end
I think that the ssh_config resource should add its blocks before entries that are already in the ssh_config file to make this override behavior possible.
Currently, to override defaults given in a Host * block, a workaround is required: first do
ssh_config '*' do
action :remove
end
Because new
Hoststanzas are placed by this cookbook at the end of the file, those cannot be used to override any defaults that are present in aHost *block at the beginning of/etc/ssh/ssh_config.man ssh_configsays "Since the first obtained value for each parameter is used, more host-specific declarations should be given near the beginning of the file, and general defaults at the end."For example, if
StrictHostKeyChecking askis set inHost *, then it is impossible to turn it off withI think that the
ssh_configresource should add its blocks before entries that are already in thessh_configfile to make this override behavior possible.Currently, to override defaults given in a
Host *block, a workaround is required: first do