I have a self hosted GitLab EE Omnibus installation. I have a few repositories on this instance that I have configured for SSH push mirroring to another Bitbucket installation. The SSH push mirroring works for a while and then starts failing with an error that the “host key verification failed”. In digging into this I’ve found that the Bitbucket installation is using “smart mirroring”. From what I can tell this means that ephemeral hosts will periodically be added to handle additional push/pull workload. However, this also means that I can’t guarantee that the SSH host key for the Bitbucket side of the mirror won’t change. So, I’m looking for a way to disable host key checking through GitLab.
If GitLab is mirroring via ssh pushes, you can always edit the /etc/ssh/ssh_config file to bypass the known hosts authorization on the GitLab machine directly.
Here is a link describing how to do that: https://linuxcommando.blogspot.com/2008/10/how-to-disable-ssh-host-key-checking.html
What I like about that approach is that you can whitelist specific domain ranges (although if someone can mess with the DNS you’re still vulnerable).