diff --git a/.gitea/workflows/build-release.yml b/.gitea/workflows/build-release.yml
index ebbf73e..c5c9602 100644
--- a/.gitea/workflows/build-release.yml
+++ b/.gitea/workflows/build-release.yml
@@ -159,10 +159,15 @@ jobs:
         run: |
           install --directory --mode 700 ~/.ssh
           echo "${RSYNC_SSH_KEY}" | install --mode 600 /dev/stdin ~/.ssh/id_ed25519
-          ssh-keyscan -H oolon.kosherinata.internal >> ~/.ssh/known_hosts
         env:
           RSYNC_SSH_KEY: ${{ secrets.RSYNC_SSH_KEY }}
 
+      - name: Test SSH connectivity
+        run: |
+          ssh -o StrictHostKeyChecking=accept-new "gitea_ci@${RPM_REPO_HOST}" exit
+        env:
+          RPM_REPO_HOST: oolon.kosherinata.internal
+
       - name: Sync RPMs to repo
         run: |
           rsync \
@@ -170,9 +175,13 @@ jobs:
             --verbose \
             --chmod D755,F644 \
             rpms/*.rpm \
-            "${{ secrets.RSYNC_TARGET }}:/var/www/rpm/fedora/${{ matrix.fedora_version }}/x86_64/"
+            "gitea_ci@${RPM_REPO_HOST}:/var/www/rpm/fedora/${{ matrix.fedora_version }}/x86_64/"
+        env:
+          RPM_REPO_HOST: oolon.kosherinata.internal
 
       - name: Update repo metadata
         run: |
-          ssh "${{ secrets.RSYNC_TARGET }}" \
+          ssh "gitea_ci@${RPM_REPO_HOST}" \
             "cd /var/www/rpm/fedora/${{ matrix.fedora_version }}/x86_64 && createrepo_c --update ."
+        env:
+          RPM_REPO_HOST: oolon.kosherinata.internal
diff --git a/readme.md b/readme.md
index 6d6ee28..3715252 100644
--- a/readme.md
+++ b/readme.md
@@ -117,5 +117,4 @@ The build-release workflow requires the following secrets:
 | `DISPATCH_TOKEN` | Gitea API token for triggering builds         |
 | `RPM_SIGNING_KEY`| ASCII-armored GPG signing subkey              |
 | `RPM_SIGNING_KEY_ID` | GPG key UID (`rpm@lair.cafe`)            |
-| `RSYNC_TARGET`   | SSH target for rsync (e.g. `gitea_ci@oolon`)  |
 | `RSYNC_SSH_KEY`  | SSH private key for the `gitea_ci` user       |