Troels - Auth the host

1. Hi Allan and Kris
2.  
3. Thanks for a great show! I listen every week and it is always on the top of my playlist.
4.  
5. I'm trying to establish an offsite backup setup where an always-on Raspberry Pi I have at homeonce a day will do the following:
6. 1. Spin up a new FreeBSD droplet at Digitalocean via the API
7. 2. Do do some initial setup via SSH (change username, reset passwords passwords, install packages, setup firewall, etc.)
8. 3. Mount a geli-encrypted ZFS volume on the droplet via SSH (I will pipe key-file via SSH so it is never stored on the droplet)
9. 4. Run a backup-script that backs up all my online services to the ZFS volume (google drive, google mail, evernote, etc.)
10. 5. Take a snapshot of the ZFS volumen via SSH
11. 6. Unmount the ZFS volumen via SSH
12. 7. Shutdown and destroy the droplet via the API
13.  
14. This way, I will only pay for the block storage and about 30 minutes of droplet use per day. With some light scripting, I've managed to make the setup pretty much work (what nice and simple API!). However, I haven't solved the issue of programmatically authenticating the host, as the SSH host key is only shown in the console via the web interface. Checking this is a manual process and I don't want to disable host key checking.
15.  
16. Do you have any advice on how I can establish the authenticity of the host?
17.  
18. Best regards
19. Troels