known_hosts
file¶known_hosts
module lets you add or remove a host keys from the known_hosts
file.Parameter | Choices/Defaults | Comments |
---|---|---|
hash_host
boolean
added in 2.3 |
|
Hash the hostname in the known_hosts file
|
key
-
|
The SSH public host key, as a string (required if state=present, optional when state=absent, in which case all keys for the host are removed). The key must be in the right format for ssh (see sshd(8), section "SSH_KNOWN_HOSTS FILE FORMAT").
Specifically, the key should not match the format that is found in an SSH pubkey file, but should rather have the hostname prepended to a line that includes the pubkey, the same way that it would appear in the known_hosts file. The value prepended to the line must also match the value of the name parameter.
|
|
name
-
/ required
|
The host to add or remove (must match a host specified in key). It will be converted to lowercase so that ssh-keygen can find it.
aliases: host |
|
path
-
|
Default: "(homedir)+/.ssh/known_hosts"
|
The known_hosts file to edit
|
state
-
|
|
present to add the host key, absent to remove it.
|
- name: tell the host about our servers it might want to ssh to
known_hosts:
path: /etc/ssh/ssh_known_hosts
name: foo.com.invalid
key: "{{ lookup('file', 'pubkeys/foo.com.invalid') }}"
Hint
If you notice any issues in this documentation you can edit this document to improve it.