I am trying to create a playbook that updates known_hosts for a machine/user, but I am getting an error that I cannot understand.

---
- name: Keys
  hosts: adminslaves
  gather_facts: false
  no_log: false
  remote_user: test
  #pre_tasks:
  #  - setup:
  #      gather_subset:
  #        - '!all'
  tasks:
    - name: Scan for SSH host keys.
      shell: ssh-keyscan myhost.mydomain.com 2>/dev/null
      changed_when: False
      register: ssh_scan
    # - name: show vars
    #   debug:
    #     msg: "{{ ssh_scan.stdout_lines }}"
    #
    - name: Update known_hosts.
      known_hosts:
        key: "{{ item }}"
        name: "{{ ansible_host }}"
        state: present
      with_items: "{{ ssh_scan.stdout_lines }}"

My error is "msg": "Host parameter does not match hashed host field in supplied key"}
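I think the variable has the correct information (at least it did when I debugged it).
My end goal is to write a playbook that adds the SSH keys of a list of hosts to a list of hosts for Jenkins auth.
Thanks for your help.

Posted on 2022-05-27 09:59:09

The problem is that the output of ssh-keyscan myhost.mydomain.com 2>/dev/null usually contains more than one key, so it needs to be processed. Someone with the same error message raised an issue, but there again the problem was in the ssh-key format. I understood it better after checking the known_hosts used by the known_hosts task.
Here is the code I use: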

- name: Populate known_hosts
  hosts: spectrum_scale
  tags: set_known_hosts
  become: true
  tasks:
    # Scan every host in the group by FQDN, short name and IPv4 address
    - name: Scan for SSH keys
      ansible.builtin.shell:
        cmd: "ssh-keyscan {{ hostvars[spectrum_scale].ansible_fqdn }}
          {{ hostvars[spectrum_scale].ansible_hostname }}
          {{ hostvars[spectrum_scale].ansible_default_ipv4.address }}
          2>/dev/null"
      loop: "{{ groups['spectrum_scale'] }}"
      loop_control:
        loop_var: spectrum_scale
      register: ssh_scan
    - name: Set stdout_lines array for ssh_scan
      set_fact:
        ssout: []
    # Flatten the per-host scan results into a single list of key lines
    - name: Fill ssout
      set_fact:
        ssout: "{{ ssout + ss_r.stdout_lines }}"
      loop: "{{ ssh_scan.results }}"
      loop_control:
        loop_var: ss_r
      when: ss_r.stdout_lines is defined
    # Take the entry name from the host field of each key line so the two always agree
    - name: Add client ssh keys to known_hosts
      ansible.builtin.known_hosts:
        name: "{{ hk.split()[0] }}"
        key: "{{ hk }}"
        state: present
      loop: "{{ ssout }}"
      loop_control:
        loop_var: hk

https://stackoverflow.com/questions/72019842
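
As an added example (not code from the original post or from Ansible), the following Python sketch checks which ssh-keyscan lines have a host field that covers a given name, the condition the error message above is about. It assumes exact-name and OpenSSH `|1|salt|hash` host fields only (no wildcards or `[host]:port` entries); the function names and sample lines are constructed for illustration.

```python
import base64
import hashlib
import hmac

# Constructed sample: ssh-keyscan-style lines (key blobs are placeholders, not real keys).
SAMPLE_SCAN = """\
# myhost.mydomain.com:22 SSH-2.0-OpenSSH_8.0
myhost.mydomain.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABplaceholder
myhost.mydomain.com,192.0.2.10 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAplaceholder
"""

def hash_host(host, salt):
    """Build an OpenSSH hashed host field: |1|b64(salt)|b64(HMAC-SHA1(salt, host))."""
    digest = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|{}|{}".format(base64.b64encode(salt).decode(),
                             base64.b64encode(digest).decode())

def host_field_matches(name, field):
    """True if `name` is covered by a host field (comma-separated list or hashed)."""
    if field.startswith("|1|"):
        try:
            _, _, salt_b64, digest_b64 = field.split("|")
            salt = base64.b64decode(salt_b64)
            want = base64.b64decode(digest_b64)
        except ValueError:  # wrong number of parts or invalid base64
            return False
        got = hmac.new(salt, name.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(got, want)
    return name in field.split(",")

def keys_for(name, scan_output):
    """Split ssh-keyscan output into (matching, rejected) key lines for `name`."""
    matching, rejected = [], []
    for line in scan_output.splitlines():
        parts = line.split()
        if len(parts) < 3 or line.startswith("#"):
            continue  # skip blanks, comments and malformed lines
        (matching if host_field_matches(name, parts[0]) else rejected).append(line)
    return matching, rejected

if __name__ == "__main__":
    for name in ("myhost.mydomain.com", "192.0.2.99"):
        ok, bad = keys_for(name, SAMPLE_SCAN)
        print(name, "matching:", len(ok), "rejected:", len(bad))
```

Lines in the rejected list are the ones whose host field does not cover the `name` you intend to pass alongside them.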