Verify SSH host keys before connecting | Critiq Docs

#Metadata

Rule ID: rust.security.insecure-ssh-host-key
Severity: high
Confidence: 0.85
Languages: rust
Presets: security, strict
Stability: experimental
Applies to: block
Tags: network, rules-catalog, rust, security, ssh

#Why it matters

Skipping host key checks enables person-in-the-middle attacks against SSH sessions.

#Remediation

Keep host key checking enabled and pin known host keys or use a trusted known_hosts store.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/rust/rust.security.insecure-ssh-host-key.rule.yaml.

Back to directory Open rule in repository