I guess that could indeed be optional although I'm not really familiar with these parameters. @fustundag, do you remember why it was implemented this way?

@laurent22 If host key changed ( not public/private key, ssh access is stili valid) backup cloud be failed. I choose this option to prevent this fail.

We can change to decide user this ssh config.

Also it's becomes permanent warning:

Warning: Permanently added 'domain' (ECDSA) to the list of known hosts.

that falls to stdout.

The scenario is: Every host has a pubplic/private key pair which allows you to identify it distinctly. The keys are stored in your ~/.ssh/known_hosts file once confirmed. From this time every connection attempts is being compared to the stored key and thus checked whether the remote keys has changed. This shall indicate that something unwanted has happened to your remote machine – aiming to detect a sever breach.

Having this option included by default prevents the host validation check done by the SSH client and thus undermines an important security feature. I think it would be better to remove it and let each user decide to opt in if required (by using --rsync-set-flags).

@Loki3000

Also it's becomes permanent warning:

This should only happen if you only have the second part enabled (-o UserKnownHostsFile=/dev/null). This leads to discarding all discovered keys and thus trying to add it again on every new connection.

This should only happen if you only have the second part enabled

I know. But it's enabled by default. And there is no way to disable it without code modification.

Maybe a better way to set SSH parameters is to do this like --rsync-set-flags.

 --ssh-get-flags        Display the default SSH flags that are used for backup.
 --ssh-set-flags        Set the SSH flags that are used for backup.
 --ssh-append-flags     Append the SSH flags that are going to be used for backup.

Then, allow users to set their own SSH parameters and take responsibility for their SSH settings.