known_hosts case issue

813 views
Skip to first unread message

James Morgan

unread,
Mar 4, 2016, 5:45:53 AM3/4/16
to Ansible Project
Hi,

Has anybody come across this issue with the known_hosts module.

The hostname of the box is uppercase. When I ssh to the box and add to the known_hosts file it gets added lowercase

[root@SPOBKJJUMPBOX ansible]# ssh SPOBKJLOGSVR
The authenticity of host 'spobkjlogsvr (10.XXXXX.202)' can't be established.
RSA key fingerprint is f8:09:f5:8d:31:5f:3f:dd:74:28:f8:af:be:3f:16:cb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'spobkjlogsvr,10.XXXXX.202' (RSA) to the list of known hosts.

Using the known_hosts module I was using 

local_action:
    module: known_hosts
    name: "{{ ansible_fqdn }}"
    key: "{{ ansible_fqdn }},{{ ansible_default_ipv4.address }} ssh-rsa {{ ansible_ssh_host_key_rsa_public }}"

to add each servers public rsa key to the jump boxes known hosts file. This fails

TASK: [openbet/user-obadmin | Add server key to known hosts] ******************
2016-03-04 18:08:31 (task 0h 0m 0.019s, total 0h 0m 4.102s)  
<127.0.0.1> REMOTE_MODULE known_hosts key='SPOBKJLOGSVR ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAv5iU809JBGNiBSbH3TpmYh4h1ww+j9Mdxo3ZJDeFtqOUNob0YSPWwit1AruQqB/o1kXKERgACEMvS/plW6ywjdiCkwG+IvFiBeudgNlNlds8orpK227mdugpozDYUepacDKLrcKpvPbzPgJwijQLtWQefk+RbcncuMQJM6CmKgGUOk5z+9IuZBd6hfK1iPba/fU0QT+eZ7LwXp5sORdlfRyazG7FuyTckXtC0KXUjA43KUqUCq3LnVhofxg3BbFGAjW3LxL1qVptRduwxcPIZDQ==' name=SPOBKJLOGSVR
failed: [SPOBKJLOGSVR -> 127.0.0.1] => {"failed": true}
msg: Host parameter does not match hashed host field in supplied key

The error comes from the sanity check where Ansible runs ssh-keygen -F host

/usr/lib/python2.6/site-packages/ansible/modules/extras/system/known_hosts.py

try:
        outf=tempfile.NamedTemporaryFile()
        outf.write(key)
        outf.flush()
    except IOError,e:
        module.fail_json(msg="Failed to write to temporary file %s: %s" % \
                             (outf.name,str(e)))
    rc,stdout,stderr=module.run_command([sshkeygen,'-F',host,
                                         '-f',outf.name], check_rc=True)


This uses the uppercase hostname SPOBKJLOGSVR. ssh-keygen doesn't match and therefore returns blank and fails.

Should this be case insensitive. I could use lowecase hostname though these seems the wrong approach. 

Any ideas?

Many thanks James

James Morgan

unread,
Mar 4, 2016, 5:48:15 AM3/4/16
to Ansible Project
I should add this is Ansible 1.9.4

Reply all
Reply to author
Forward
0 new messages