From f460ac2b1de3e7fb591603b5e9d85e37fbd6c408 Mon Sep 17 00:00:00 2001 From: Hayden Stainsby Date: Mon, 16 Jan 2023 12:23:46 +0100 Subject: [PATCH] add documentation that SSH markers aren't supported Cargo doesn't support the `@cert-authority` or `@revoked` markers in SSH Known Hosts files. The lines are silently ignored. If a user is depending on these lines to connect to a Git server via SSH, then their command line Git client will work, but Cargo will fail with an error that the host key doesn't match. This change adds a note explaining that Cargo doesn't support these markers and suggests that the user change their cargo configuration to fetch with the CLI client instead. Refs: #11577 --- src/doc/src/appendix/git-authentication.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/doc/src/appendix/git-authentication.md b/src/doc/src/appendix/git-authentication.md index f46a6535c6b..8b2db5cb112 100644 --- a/src/doc/src/appendix/git-authentication.md +++ b/src/doc/src/appendix/git-authentication.md @@ -81,6 +81,11 @@ publish their fingerprints on the web; for example GitHub posts theirs at Cargo comes with the host keys for [github.com](https://github.com) built-in. If those ever change, you can add the new keys to the config or known_hosts file. +> **Note:** Cargo doesn't support the `@cert-authority` or `@revoked` +> markers in `known_hosts` files. To make use of this functionality, use +> [`net.git-fetch-with-cli`]. This is also a good tip if Cargo's SSH client +> isn't behaving the way you expect it to. + [`credential.helper`]: https://git-scm.com/book/en/v2/Git-Tools-Credential-Storage [`net.git-fetch-with-cli`]: ../reference/config.md#netgit-fetch-with-cli [`net.ssh.known-hosts`]: ../reference/config.md#netsshknown-hosts