## Critical SSH Host Key Verification Disabled in Major Cloud Provider E2E Test Scripts
A high-severity security vulnerability has been identified in the end-to-end (E2E) test scripts for major cloud platforms, where SSH connections are configured to completely disable host key verification. This flaw, present in scripts for Google Cloud Platform (GCP) and Amazon Web Services (AWS), exposes automated test pipelines to man-in-the-middle (MITM) attacks, potentially compromising credentials and sensitive data.

The vulnerability is located in specific shell script files within the project's test infrastructure. In both `sh/e2e/lib/clouds/gcp.sh` and `sh/e2e/lib/clouds/aws.sh`, SSH commands are executed with the dangerous options `-o StrictHostKeyChecking=no` and `-o UserKnownHostsFile=/dev/null`. The first instructs the SSH client to accept any host key presented by a remote server without validation; the second points the known-hosts file at `/dev/null`, so no record of previously seen hosts is kept. Together they nullify a core security mechanism of the SSH protocol.

In a practical attack scenario, an adversary capable of intercepting network traffic between the test runner and a cloud instance could present their own host key. The vulnerable SSH client would accept it without question, allowing the attacker to decrypt, read, and potentially modify all subsequent SSH traffic. This includes sensitive authentication credentials, shell commands, and command outputs, posing a direct risk to the integrity and confidentiality of the testing environment and any secrets it handles. The recommended mitigation is to replace the insecure flag with `StrictHostKeyChecking=accept-new`, which maintains automation while providing verification after the initial connection. That verification depends on the accepted key being stored: `accept-new` records an unknown host's key on first contact and refuses the connection if the key later changes, so `UserKnownHostsFile=/dev/null` has to be replaced with a real file as well, and the first connection to each host is still accepted on trust.

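
A CI lint for the two options named above, as an added example that is not code from the project. The function names and the sample scripts are constructed for illustration, and the check also flags `accept-new` paired with `/dev/null`, where no key is ever stored for a later connection to be checked against.

```shell
#!/bin/sh
# Added example (hypothetical names): CI lint for SSH options that turn off
# host key verification in shell scripts.

# audit_ssh_opts FILE...: prints "file:line: finding"; returns 1 on any finding.
audit_ssh_opts() {
    awk '
    function report(msg) { printf "%s:%d: %s\n", FILENAME, start, msg; bad = 1 }
    FNR == 1 { buf = "" }                 # no state carried across files
    buf == "" && /^[ \t]*#/ { next }      # skip whole-line comments
    {
        if (buf == "") start = FNR
        # Join backslash-continued lines so a split option list is one unit.
        if (sub(/\\[ \t]*$/, "")) { buf = buf $0 " "; next }
        line = tolower(buf $0); buf = ""
        devnull = (line ~ /userknownhostsfile[= ]+\/dev\/null/)
        if (line ~ /stricthostkeychecking[= ]+(no|off)([^a-z]|$)/)
            report("StrictHostKeyChecking disabled: host keys are not verified")
        if (devnull)
            report("UserKnownHostsFile=/dev/null: accepted keys are never stored")
        if (devnull && line ~ /stricthostkeychecking[= ]+accept-new/)
            report("accept-new with /dev/null: every connection is a first connection")
    }
    END { exit bad + 0 }
    ' "$@"
}

# write_samples DIR: constructed inputs, not copies of the project scripts.
write_samples() {
    cat > "$1/weak.sh" <<'EOF'
#!/bin/sh
ssh -o StrictHostKeyChecking=no \
    -o UserKnownHostsFile=/dev/null "user@$HOST" uptime
EOF
    cat > "$1/half_fixed.sh" <<'EOF'
ssh -o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=/dev/null "user@$HOST" uptime
EOF
    cat > "$1/fixed.sh" <<'EOF'
# known_hosts kept for the run, so a pinned key is checked on later connections
ssh -o StrictHostKeyChecking=accept-new -o UserKnownHostsFile="$RUN_DIR/known_hosts" "user@$HOST" uptime
EOF
}

d=$(mktemp -d) && write_samples "$d"
audit_ssh_opts "$d"/*.sh || echo "insecure SSH options found"
rm -rf "$d"
```
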
---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: SSH, Cloud Security, Vulnerability, GCP, AWS
- **Credibility**: unverified
- **Published**: 2026-03-26 22:27:18
- **ID**: 36175
- **URL**: https://whisperx.ai/en/intel/36175