Ansible Using a SSH password instead of a key is not possible because Host Key接続エラーの解決方法
環境
Red Hat Enterprise Linux release 9.2 (Plow)
Ansible 2.14.2
Python 3.11.2
Red Hat Enterprise Linux release 9.2 (Plow)
Ansible 2.14.2
Python 3.11.2
Red Hat Enterprise Linux release 9.2 (Plow) Ansible 2.14.2 Python 3.11.2
実行コマンド
ansible $ansible-playbook -i /etc/ansible/hosts test.yml -k
警告メッセージが表示されます。
PLAY [Ansibleテスト] ****************************************************************************************************************************************
TASK [チェックディレクトリ] *********************************************************************************************************************************
fatal: [192.168.213.129]: FAILED! => {"msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this.
Please add this host's fingerprint to your known_hosts file to manage this host."}
PLAY RECAP **************************************************************************************************************************************************
192.168.213.129 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
PLAY [Ansibleテスト] ****************************************************************************************************************************************
TASK [チェックディレクトリ] *********************************************************************************************************************************
fatal: [192.168.213.129]: FAILED! => {"msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this.
Please add this host's fingerprint to your known_hosts file to manage this host."}
PLAY RECAP **************************************************************************************************************************************************
192.168.213.129 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
PLAY [Ansibleテスト] ****************************************************************************************************************************************
TASK [チェックディレクトリ] *********************************************************************************************************************************
fatal: [192.168.213.129]: FAILED! => {"msg": "Using a SSH password instead of a key is not possible because Host Key checking is enabled and sshpass does not support this.
Please add this host's fingerprint to your known_hosts file to manage this host."}
PLAY RECAP **************************************************************************************************************************************************
192.168.213.129 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
方法1
# vi /etc/ansible/ansible.cfg
以下の設定を記載する
[ssh_connection]
ssh_args = -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null
[ssh_connection]
ssh_args = -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null
[ssh_connection] ssh_args = -o ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null
説明
StrictHostKeyChecking=no
ホストのデータベースファイル(デフォルトでは~/.ssh/known_hosts)に存在しないときに確認なしに接続する。fingerprintは確認なしにホストのデータベースファイルに記録されていく。
UserKnownHostsFile=/dev/null
ホストのデータベースファイル。
方法2
#vi ~/.ssh/config
以下の内容を記載する
Host 192.168.213.*
StrictHostKeyChecking no
UserKnownHostsFile=/dev/null
Host 192.168.213.*
StrictHostKeyChecking no
UserKnownHostsFile=/dev/null
Host 192.168.213.* StrictHostKeyChecking no UserKnownHostsFile=/dev/null
説明
ansibleを実行するControl MachineのユーザのSSH設定で、fingerprintのチェックを行わないようにする。