Passing host_key_checking
varunchopra opened this issue · 6 comments
How would I pass host_key_checking = False
to my script?
First, I passed it as an option and ran the script - got this:
Traceback (most recent call last):
File "testing.py", line 7, in <module>
result = api.command('hostname')
File "/usr/local/lib/python2.7/dist-packages/suitable/module_runner.py", line 171, in execute
return self.evaluate_results(callback)
File "/usr/local/lib/python2.7/dist-packages/suitable/module_runner.py", line 199, in evaluate_results
self, server
File "/usr/local/lib/python2.7/dist-packages/suitable/module_runner.py", line 180, in trigger_event
action = getattr(self.api, method)(*args)
File "/usr/local/lib/python2.7/dist-packages/suitable/api.py", line 224, in on_unreachable_host
raise UnreachableError(module, host)
suitable.errors.UnreachableError: ec2-52-66-178-96.ap-south-1.compute.amazonaws.com could not be reached
I modified /etc/ssh/ssh_config
and added StrictHostKeyChecking no
and ran the script again. Same error ^.
I then SSH'd normally without making any more changes:
ssh ec2-user@ec2-52-66-178-96.ap-south-1.compute.amazonaws.com -i .id_rsa
and it worked.
I then ran the script again and it was able to login.
Can you try passing it through the extra_vars and let me know if it works?
api = Api('example.org', extra_vars={'host_key_checking': False})
You could also try the following environment variable:
export ANSIBLE_HOST_KEY_CHECKING=False
If none of this works let me know and I'll try to reproduce this.
Hmm, shouldn't work as an extra_var but I'll give it a shot. ¯\_(ツ)_/¯
Doesn't work:
api = Api('example.org', extra_vars={'host_key_checking': False})
Works:
export ANSIBLE_HOST_KEY_CHECKING=False
Would be great if it worked otherwise though. Perhaps an additional option could be added (?). This would allow us to use other config variables like library
too.
Okay, thanks for trying. I agree that it makes sense to add this. I'll tackle it as soon as I have the time.
This can alternatively be done as follows:
api = Api('www.rueti.ch', ssh_extra_args='-o StrictHostKeyChecking=no')
Unfortunately this doesn't currently work with Mitogen due to this function:
https://github.com/dw/mitogen/blob/898c06f1b9f1417b9f7c18465bee78eda7df2ec0/ansible_mitogen/connection.py#L70-L91
You could argue that Mitogen shouldn't enforce host key checking if the extra arg is given, since Ansible does the correct thing here. But ultimately what is needed is a way to change the constants before each task execution as defined on the Api object. For some reason Ansible only considers the global constants in this specific instance.
I do not have a fix yet, I just wanted to lie out some findings after looking into this a bit more.
I added a new Api option to handle this case. It turns out to be somewhat special as there's no single obvious way to pass this variable down to every connection plugin.
This is how it can be used:
api = Api(host, host_key_checking=False)
Naturally, this defaults to True
.
I've uploaded a new release to PyPI. Feel free to reopen if this doesn't solve your problem.