Hi Anyone can explain “false” below. Thank you
sudo nano ansible.cfg
[defaults]
inventory = ./hosts
host_key checking = false
Hi Anyone can explain “false” below. Thank you
sudo nano ansible.cfg
[defaults]
inventory = ./hosts
host_key checking = false
“Set this to “False” if you want to avoid host key checking by the underlying tools Ansible uses to connect to the host” per the link below. Most commonly used for SSH connections.
https://docs.ansible.com/ansible/latest/reference_appendices/config.html
"Set this to “False” if you want to avoid host key checking by the underlying tools Ansible uses to connect to the host" per the link below. Most commonly used for SSH connections.
https://docs.ansible.com/ansible/latest/reference_appendices/config.html
Host key checking is a big problem in many environments where a
disting OS image with distinct SSH keys may wind up assigned a
previously used IP address.
It can be turned for the Ansible server by editing ~/.ssh/config for
the account running ansible on that host, with:
Host *
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
LogLevel ERROR
I've been suggesting this for complex environments since.... the
1990's, where the "hosts have stable DNS and stable individual keys"
has never been reliable. There have been demands in various
environments to publish or sign host keys, but the bootstrap to get
those keys under management needs a tool like ansible running *first*,
or it becomes a nasty bootstrap operation.
Thank you!!