never wait for SSH prompts when running git commands

We never allow git via SSH or password/key access, and right now, this
causes things to hang forever.  This sets things up to fail quickly
with invalid ssh connections.

BatchMode=yes - passphrase/password querying will be disabled.

StrictHostKeyChecking=yes - never automatically prompt, or add host keys to
the ~/.ssh/known_hosts file, and refuse to connect to hosts whose host key
has changed.

buildserver/setup-env-vars

@@ -13,3 +13,7 @@ echo export ANDROID_HOME=$1 >> $bsenv
 echo 'export PATH=$PATH:${ANDROID_HOME}/tools:${ANDROID_HOME}/platform-tools:/opt/gradle/bin' >> $bsenv
 
 chmod 0644 $bsenv
+
+# make sure that SSH never hangs at a password or key prompt
+printf '    StrictHostKeyChecking yes' >> /etc/ssh/ssh_config
+printf '    BatchMode yes' >> /etc/ssh/config

fdroidserver/common.py

@@ -802,7 +802,14 @@ class vcs_git(vcs):
             git_config.append('url.https://u:p@' + domain + '.insteadOf=git://' + domain)
             git_config.append('-c')
             git_config.append('url.https://u:p@' + domain + '.insteadOf=https://' + domain)
-        envs.update({'GIT_TERMINAL_PROMPT': '0'})  # supported in git >= 2.3
+        # add helpful tricks supported in git >= 2.3
+        ssh_command = 'ssh -oBatchMode=yes -oStrictHostKeyChecking=yes'
+        git_config.append('-c')
+        git_config.append('core.sshCommand="' + ssh_command + '"')  # git >= 2.10
+        envs.update({
+            'GIT_TERMINAL_PROMPT': '0',
+            'GIT_SSH_COMMAND': ssh_command,  # git >= 2.3
+        })
         return FDroidPopen(['git', ] + git_config + gitargs,
                            envs=envs, cwd=cwd, output=output)