1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
/// Pinned SSH host keys for smbCloud deployment servers.
///
/// These are **public** keys — safe to commit to a public repository.
/// Host keys are designed to be known; only the private half (which never
/// leaves the server) provides authentication.
///
/// Purpose: protect every `smb deploy` user from DNS/BGP hijacking.
/// By pairing these constants with `StrictHostKeyChecking=yes` and a
/// generated temp `UserKnownHostsFile`, the CLI refuses to connect to any
/// server that doesn't present one of these exact keys — even if the
/// hostname resolves correctly to an attacker's IP.
///
/// Both servers run OpenSSH 9.2p1 on Debian 12.
///
/// # Key rotation
///
/// If a server's host key is ever rotated (e.g. after a compromise or
/// reprovisioning), update the relevant constant here and cut a new CLI
/// release. Users on old releases will receive a hard SSH refusal:
///
/// ```text
/// Host key verification failed.
/// ```
///
/// That is the correct behaviour — they must upgrade before deploying.
///
/// To re-fetch the current keys:
///
/// ```sh
/// ssh-keyscan -t ed25519 api.smbcloud.xyz api-1.smbcloud.xyz 2>/dev/null
/// ```
/// Pinned ed25519 host key for `api.smbcloud.xyz` (NodeJs / Static tier).
pub const API_SMBCLOUD_XYZ: &str =
"api.smbcloud.xyz ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINGy4LHGyOilS7SXo770V3tQnXDRVQr7X7JsPLCfy4XB";
/// Pinned ed25519 host key for `api-1.smbcloud.xyz` (Ruby / Swift tier).
pub const API_1_SMBCLOUD_XYZ: &str =
"api-1.smbcloud.xyz ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII1G3JyS66+yIFGrN3Vgc/UlvBm/oS98qq5pS96UYxcz";
/// Returns the pinned host key line for the given rsync hostname.
///
/// The returned string is in `known_hosts` format and can be written
/// directly to a temp file passed to SSH via `-o UserKnownHostsFile=`.