summaryrefslogtreecommitdiff
path: root/guix
diff options
context:
space:
mode:
Diffstat (limited to 'guix')
-rw-r--r--guix/scripts/offload.scm8
1 files changed, 8 insertions, 0 deletions
diff --git a/guix/scripts/offload.scm b/guix/scripts/offload.scm
index ebff11664d..f25cc5e7bb 100644
--- a/guix/scripts/offload.scm
+++ b/guix/scripts/offload.scm
@@ -177,6 +177,14 @@ private key from '~a': ~a")
;; #:log-verbosity 'protocol
#:identity (build-machine-private-key machine)
+ ;; By default libssh reads ~/.ssh/known_hosts
+ ;; and uses that to adjust its choice of cipher
+ ;; suites, which changes the type of host key
+ ;; that the server sends (RSA vs. Ed25519,
+ ;; etc.). Opt for something reproducible and
+ ;; stateless instead.
+ #:knownhosts "/dev/null"
+
;; We need lightweight compression when
;; exchanging full archives.
#:compression