Hi, I'm new to this project and may be totally wrong about this.
With an inventory file of two IP addresses and localhost entries, running the playbook produces a local known_hosts file with only 'localhost' entries. Expected to see 3 entries.
The sshd_config at two volttron nodes is set up with AuthenticationMethods "publickey,password"
And pubkeys have been uploaded to both.
When testing the resulting known_hosts file, ssh to each IP address produces a warning that a permanent entry will be added. ssh to localhost simply asks for password, as expected.
It appears that each inventory entry is "delegated" -> localhost; a potential bug?
localhost delegation: For cases where this playbook is actually doing something useful, this is certainly needed/intended to be done. The issue is that on a new system (like a newly provisioned VM from vagrant), there's no known_hosts entry and so attempts to connect over ssh (to run tasks on the inventory host) will fail to connect. We delegate a task to the host running the playbook which is supposed to make a remote call to look up the host key for each inventory entry, then write to the local known_hosts file to update those entries.
Sort of beside the point of your question, but running the playbook may not be relevant for you. We created it to deal with changing host keys when doing frequent vagrant destroy/up cycles trying to test on new remote systems. If you're already ssh'ing to the remotes to test things or set additional keys then you don't need this playbook at all. That doesn't change the fact that you're correct to expect a known_hosts entry for each system in your inventory, but hopefully means you're not blocked on whatever your primary activity actually is.
// Sample run:
$ cat inventory
192.168.1.150
192.168.1.122
localhost
$ rm .ssh/known_hosts
$ ansible-playbook -i inventory .ansible/roles/volttron-ansible/volttron-ansible/ensure-host-keys.yml
PLAY [ensure host key entries] ***************************************************************************************
TASK [get ssh known_host values] ***************************************************************************************
ok: [192.168.1.150 -> localhost]
TASK [add/update the known_hosts public key] ***************************************************************************************
changed: [192.168.1.150 -> localhost]
PLAY [ensure host key entries] ***************************************************************************************
TASK [get ssh known_host values] ***************************************************************************************
ok: [192.168.1.122 -> localhost]
TASK [add/update the known_hosts public key] ***************************************************************************************
ok: [192.168.1.122 -> localhost]
PLAY [ensure host key entries] ***************************************************************************************
TASK [get ssh known_host values] ***************************************************************************************
ok: [localhost -> localhost]
TASK [add/update the known_hosts public key] ***************************************************************************************
ok: [localhost -> localhost]
PLAY RECAP ***************************************************************************************
192.168.1.122 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.1.150 : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
localhost : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
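A check for the expectation stated in the issue (one known_hosts entry per inventory host), as an added example that is not part of the thread or the project's playbook. It matches exact plain names and OpenSSH hashed (`|1|salt|hash`) entries; the function names, the sample salt and the key strings are constructed for illustration.

```python
import base64
import hashlib
import hmac


def _hmac_sha1(salt: bytes, host: str) -> bytes:
    return hmac.new(salt, host.encode(), hashlib.sha1).digest()


def host_matches(field: str, host: str) -> bool:
    """True if the first field of a known_hosts line names `host` exactly."""
    if field.startswith("|1|"):
        # Hashed entry: |1|base64(salt)|base64(HMAC-SHA1(key=salt, msg=host))
        parts = field.split("|")
        if len(parts) != 4:
            return False
        salt, want = (base64.b64decode(p) for p in parts[2:])
        return hmac.compare_digest(_hmac_sha1(salt, host), want)
    # Plain entry: comma-separated names (wildcards and [host]:port not handled)
    return host in field.split(",")


def missing_hosts(inventory_text: str, known_hosts_text: str) -> list[str]:
    """Inventory hosts that have no matching known_hosts entry."""
    hosts = [ln.split()[0] for ln in inventory_text.splitlines()
             if ln.strip() and not ln.lstrip().startswith(("#", "["))]
    fields = []
    for ln in known_hosts_text.splitlines():
        parts = ln.split()
        # Skip blanks, comments and @cert-authority / @revoked marker lines
        if len(parts) >= 3 and not parts[0].startswith(("#", "@")):
            fields.append(parts[0])
    return [h for h in hosts if not any(host_matches(f, h) for f in fields)]


# Constructed sample data: the inventory from the sample run, and a known_hosts
# with one plain entry and one hashed entry (placeholder key material).
INVENTORY = "192.168.1.150\n192.168.1.122\nlocalhost\n"
_salt = b"constructed-salt-20b"
_hashed = "|1|%s|%s" % (base64.b64encode(_salt).decode(),
                        base64.b64encode(_hmac_sha1(_salt, "192.168.1.122")).decode())
KNOWN_HOSTS = (
    "localhost ssh-ed25519 AAAAC3-constructed-placeholder\n"
    + _hashed + " ssh-ed25519 AAAAC3-constructed-placeholder\n"
)

if __name__ == "__main__":
    print("missing:", missing_hosts(INVENTORY, KNOWN_HOSTS))
```

Run against the real inventory and `~/.ssh/known_hosts` contents after the playbook finishes; any host it returns is one for which ssh will still prompt to add a key.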