Hi,
Has anybody come across this issue with the known_hosts module.
The hostname of the box is uppercase. When I ssh to the box and add to the known_hosts file it gets added lowercase
<br>[root@SPOBKJJUMPBOX ansible]# ssh SPOBKJLOGSVR<br>
|
- |
<br>The authenticity of host 'spobkjlogsvr (10.XXXXX.202)' can't be established.<br>
|
<br>RSA key fingerprint is f8:09:f5:8d:31:5f:3f:dd:74:28:f8:af:be:3f:16:cb.<br>
|
<br>Are you sure you want to continue connecting (yes/no)? yes<br>
|
<br>Warning: Permanently added 'spobkjlogsvr,10.XXXXX.202' (RSA) to the list of known hosts.<br>
|
Using the known_hosts module I was using
local_action:
module: known_hosts
name: “{{ ansible_fqdn }}”
key: “{{ ansible_fqdn }},{{ ansible_default_ipv4.address }} ssh-rsa {{ ansible_ssh_host_key_rsa_public }}”
to add each servers public rsa key to the jump boxes known hosts file. This fails
TASK: [openbet/user-obadmin | Add server key to known hosts] ******************
2016-03-04 18:08:31 (task 0h 0m 0.019s, total 0h 0m 4.102s)
<127.0.0.1> REMOTE_MODULE known_hosts key=‘SPOBKJLOGSVR ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAv5iU809JBGNiBSbH3TpmYh4h1ww+j9Mdxo3ZJDeFtqOUNob0YSPWwit1AruQqB/o1kXKERgACEMvS/plW6ywjdiCkwG+IvFiBeudgNlNlds8orpK227mdugpozDYUepacDKLrcKpvPbzPgJwijQLtWQefk+RbcncuMQJM6CmKgGUOk5z+9IuZBd6hfK1iPba/fU0QT+eZ7LwXp5sORdlfRyazG7FuyTckXtC0KXUjA43KUqUCq3LnVhofxg3BbFGAjW3LxL1qVptRduwxcPIZDQ==’ name=SPOBKJLOGSVR
failed: [SPOBKJLOGSVR → 127.0.0.1] => {“failed”: true}
msg: Host parameter does not match hashed host field in supplied key
The error comes from the sanity check where Ansible runs ssh-keygen -F host
/usr/lib/python2.6/site-packages/ansible/modules/extras/system/known_hosts.py
try:
outf=tempfile.NamedTemporaryFile()
outf.write(key)
outf.flush()
except IOError,e:
module.fail_json(msg=“Failed to write to temporary file %s: %s” %
(outf.name,str(e)))
rc,stdout,stderr=module.run_command([sshkeygen,‘-F’,host,
‘-f’,outf.name], check_rc=True)
This uses the uppercase hostname SPOBKJLOGSVR. ssh-keygen doesn’t match and therefore returns blank and fails.
Should this be case insensitive. I could use lowecase hostname though these seems the wrong approach.
Any ideas?
Many thanks James