Ignore Ansible SSH Host Key Checking - Ansible configuration

How to Ignore Ansible SSH Host Key Checking?

I'm going to show you a live Playbook with some simple Ansible code.

I'm Luca Berton and welcome to today's episode of Ansible Pilot.

SSH Host Key

> % ssh [email protected]

> The authenticity of host 'demo.example.com (192.168.0.190)' can't be established.

> RSA key fingerprint is SHA256:42JErOjO9fKNNBapEEyhpfTNn+rt8SPNob00uRlmqRs.

> This key is not known by any other names

> Are you sure you want to continue connecting (yes/no/[fingerprint])?

A host key is a cryptographic key used for authenticating computers in the SSH protocol.

Host keys are normally generated automatically when OpenSSH is first installed or when the computer is first booted.

In a production environment is considered a security mechanism to verify our machine has not been altered.

However, in a developer laboratory often, we need to destroy our machines often and recreate them. This behavior stops the Ansible execution and requires some manual developer work. We can apply this behavior also in a CI/CD pipeline or cloud computing provider.

Links

• [HOST_KEY_CHECKING](https://docs.ansible.com/ansible/latest/reference_appendices/config.html#host-key-checking)

Playbook

How to Ignore Ansible SSH Host Key Checking in our Ansible laboratory.

I'm going to show how to create a ansible.cfg file to ignore the SSH Host Key Checking at the beginning of the Ansible Playbooks execution.

• ansible.cfg

``ini

`

`yaml

`

`ini

`

`bash

`

`bash

`

``bash

$ ansible-playbook -i inventory ping.yml

PLAY [ping module Playbook] *