So far with the ssh package in go I have been able to create some sort of client that will allow two forms of authentication. Either the user inputs a password or it will use keys to authenticate. This works great, however StrictHostKeyChecking may be causing an issue. Normally the first time you would SSH into a remote you'll be prompted with a message asking about the host authorization.
Is there anyway in Go to provide the user with that yes / no prompt or to disable StrictHostKeyChecking altogether?
They don't implement this for you, but you could provide HostKeyCallback in the ClientConfig struct passed to Dial. The function you provide should validate the hostname and host key against some known list and prompt the user if it doesn't match. The documentation says that the default is to accept all host keys, which is like setting StrictHostKeyChecking no in the ssh client config.