Updated collect-logs-sftp.sh.txt to skip tedious StrictHostKeyChecking

[ccharlton]

Added a useful parameter in the SFTP command that skips the need to ask the user if it's okay to connect with each appserver before downloading the logs. It's pretty tedious for the user without this flag, especially on site plans with many appservers.

Closes #

Summary

Doc Page Title - <Enter a one sentence summation of the pertinent changes (including not-yet-completed work) provided by this PR.>

Effect

The following changes are already committed:

Remaining Work and Prerequisites

The following changes still need to be completed:

• List any outstanding work here

Dependencies and Timing

• Other prerequisites that must be completed before merging this PR

Release:

• When ready
• After date: $DATE

---

Post Launch

Do not remove - To be completed by the docs team upon merge:

• Redirect /old-path/ => /new-path/ (if applicable)
• Include/exclude pages ^ respectively within docs search service provider (if applicable)
• For Heroes - add a props post to the discussion board.
• Remove from the project board

[pantheon-decoupled]

⚡ Deployed with Pantheon Decoupled

This build was successfully deployed with Pantheon. You can track the build logs here.

👀 Preview: https://pr-8747-documentation.appa.pantheon.site
🛠️ Manage in Pantheon: https://dashboard.pantheon.io/site/2b30153f-e8b1-4427-b076-6109e704ba5d/overview

[ccharlton]

The alternative option the script can use is BatchMode=yes, which also suppresses the connection prompt. The difference is, BatchMode will not append the server connection info to the user's known_hosts file. Does anyone have a reason we should adopt one over the other for customers?

[namespacebrian]

The difference is, BatchMode will not append the server connection info to the user's known_hosts file. Does anyone have a reason we should adopt one over the other for customers?

BatchMode will also not fall back on a Password: prompt if ssh key authentication fails (e.g. their ssh agent isn't running, or they don't have their ssh key added in their Pantheon dashboard, etc)

I'd personally approve either option. The Password: prompt could be good for cluing them in that there's an ssh key problem whereas rapidly failing might make that harder to diagnose.

[namespacebrian]

I'm in favor of this change.

It prevents the customer from having to type "yes" for each appserver while the script is running. They have no way of verifying the authenticity of a host key anyway, so typing "yes" to allow the connection is inherently blind in any scenario.

@kporras07 has expressed concern about the optics of our docs telling people to use an option that disables a security feature, but my view is that that feature doesn't actually provide any security.. it simply forces you to type "yes" to say you trust the remote host, which presumably you already decided when you pulled this script from the docs and decided to run it. If people prefer, we could add a note saying that that option simply disables a prompt asking you if you trust the remote host, but I don't personally feel that's necessary.