Summary
internal/securecomms.NewSSHClientConfigWithTimeout currently writes known_hosts input to a temp file and reparses it on each call. This is correct and safe, but repeated calls can add avoidable filesystem and parsing overhead in batch/high-throughput callers.
Why this matters
As usage scales (many short-lived SSH config constructions per process), repeated file write/parse/cleanup work becomes a bottleneck and increases I/O churn.
Proposed direction
Add an advanced API that preserves current behavior while allowing reuse of parsed host-key validation state:
- Keep existing
NewSSHClientConfig* APIs unchanged for compatibility.
- Add a new constructor path that accepts a prebuilt
ssh.HostKeyCallback.
- Optionally add helper parser(s) to build callbacks once from known_hosts data.
Acceptance criteria
- Existing
NewSSHClientConfig and NewSSHClientConfigWithTimeout semantics remain unchanged.
- New API allows repeated config creation without re-writing/re-parsing known_hosts per call.
- Unit tests cover both legacy and new paths.
- Docs describe when to use each API path.
Risk notes
- Must preserve strict host key verification behavior.
- Avoid introducing callback behavior drift between old/new paths.
Summary
internal/securecomms.NewSSHClientConfigWithTimeoutcurrently writesknown_hostsinput to a temp file and reparses it on each call. This is correct and safe, but repeated calls can add avoidable filesystem and parsing overhead in batch/high-throughput callers.Why this matters
As usage scales (many short-lived SSH config constructions per process), repeated file write/parse/cleanup work becomes a bottleneck and increases I/O churn.
Proposed direction
Add an advanced API that preserves current behavior while allowing reuse of parsed host-key validation state:
NewSSHClientConfig*APIs unchanged for compatibility.ssh.HostKeyCallback.Acceptance criteria
NewSSHClientConfigandNewSSHClientConfigWithTimeoutsemantics remain unchanged.Risk notes