2.0 host key check issues
65 views
Skip to first unread message
Guy Knights
Nov 12, 2015, 8:05:41 PM11/12/15
to Ansible Project
I've noticed since I upgraded to 2.0 that something is wrong with host key checks when running ansible-playbook. Previously, under 1.9, if ansible-playbook encountered an unknown host key during the setup phase, it was present the standard OpenSSH host key prompt and pause to wait for user input. However, since 2.0 it now seems to continue with the next host even without any user input. This seems to cause issues as the run progresses and either causes the run to hang, or it just fails for the hosts with unknown keys. I have seen it wait at the prompt properly from time to time, but mostly I see the behaviour I just described.
Has anyone else noticed this issue?
Alex Leonhardt
Nov 13, 2015, 1:49:56 AM11/13/15
to ansible...@googlegroups.com
I'd try running 1.9 against the very same host and see what happens, also, adding -vvvv may give some idea what's happening too .. it may just be a new config setting somewhere ... this may be relevant too tho : https://github.com/ansible/ansible/issues/3694#issuecomment-22530734
Alex
On 13 November 2015 at 01:05, Guy Knights <guy.k...@gmail.com> wrote:
I've noticed since I upgraded to 2.0 that something is wrong with host key checks when running ansible-playbook. Previously, under 1.9, if ansible-playbook encountered an unknown host key during the setup phase, it was present the standard OpenSSH host key prompt and pause to wait for user input. However, since 2.0 it now seems to continue with the next host even without any user input. This seems to cause issues as the run progresses and either causes the run to hang, or it just fails for the hosts with unknown keys. I have seen it wait at the prompt properly from time to time, but mostly I see the behaviour I just described.Has anyone else noticed this issue?
--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/072222a0-fd12-419e-84c4-91005532066a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
gpg public key: http://dpaste.com/1CEJ38Z
Brian Coca
Nov 13, 2015, 1:57:43 AM11/13/15
to Ansible Project
2.0 does not lock known_hosts for updating ssh keys, 1.9 does, it is a
difficult issue as it needs to be locked to be consistent, but can end
up serializing the plays.
--
Brian Coca
difficult issue as it needs to be locked to be consistent, but can end
up serializing the plays.
--
Brian Coca
Reply all
Reply to author
Forward
0 new messages