[英]ssh connection when building in Jenkins (Host key verification failed.)
[英]Failed to connect to the host via ssh: Host key verification failed.\r\n
當我嘗試以 ansible 連接到主機時出錯
我能夠在本地主機(ansible)中 ping ssh_connection,但不能在 jenkins 管道構建中。
我幾乎嘗試了所有方法。
----------
[FPipeline] Running shell script
+ ansible all -m ping -vvv
ansible 2.4.0.0
config file = /var/lib/jenkins/workspace/FPipeline/ansible.cfg
configured module search path =
[u'/var/lib/jenkins/.ansible/plugins/modules',
u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /bin/ansible
python version = 2.7.5 (default, Aug 4 2017, 00:39:18) [GCC 4.8.5 20150623
(Red Hat 4.8.5-16)]
Using /var/lib/jenkins/workspace/FPipeline/ansible.cfg as config file
Parsed /etc/ansible/hosts inventory source with ini plugin
META: ran handlers
Using module file /usr/lib/python2.7/site-
packages/ansible/modules/system/ping.py
<localhost> ESTABLISH SSH CONNECTION FOR USER: None
<localhost> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o
KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-
mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o
ConnectTimeout=10 -o ControlPath=/var/lib/jenkins/.ansible/cp/8a5a4c6a60
localhost '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
Using module file /usr/lib/python2.7/site-
packages/ansible/modules/system/ping.py
<192.168.219.131> ESTABLISH SSH CONNECTION FOR USER: None
<192.168.219.131> SSH: EXEC ssh -C -o ControlMaster=auto -o
ControlPersist=60s -o KbdInteractiveAuthentication=no -o
PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o
PasswordAuthentication=no -o ConnectTimeout=10 -o
ControlPath=/var/lib/jenkins/.ansible/cp/81147ff3f7 192.168.219.131 '/bin/sh
-c '"'"'echo ~ && sleep 0'"'"''
<192.168.219.131> (255, '', 'Host key verification failed.\r\n')
server1 | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Host key verification
failed.\r\n",
"unreachable": true
}
<localhost> (255, '', 'Host key verification failed.\r\n')
localhost | UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh: Host key verification
failed.\r\n",
"unreachable": true
}
----------
你能幫我解決這個問題嗎...
在你的ansible配置文件/var/lib/jenkins/workspace/FPipeline/ansible.cfg
添加以下行並再次測試它。
[defaults]
host_key_checking = False
在禁用主機密鑰檢查的另一種方式ansible
是設定ANSIBLE_HOST_KEY_CHECKING
環境變量False
export ANSIBLE_HOST_KEY_CHECKING=False
我建議不要完全禁用主機密鑰檢查,而是建議將所有主機添加一次(您應該驗證 SSH 指紋)。 您需要與發起 SSH 連接的用戶(在您的情況下可能是 Jenkins 用戶)一起運行這些命令:
# remove any old fingerprints for the host
ssh-keygen -R server.example.com
# add SSH fingerprints for the host
ssh-keyscan -t ecdsa,ed25519 -H server.example.com >> ~/.ssh/known_hosts 2>&1
機器首次連接后是否重建了?
如果需要,您需要從~/.ssh/known_hosts
刪除主機,或者將以下選項添加到SSH: StrictHostKeyChecking=no
。
您可以使用Jenkins ansible插件執行此操作。 他們的文檔有一個主機密鑰檢查錯誤,但這是一個完整的工作示例 :
以下是解決方案的重要摘要:
ansiColor('xterm') {
ansiblePlaybook(
playbook: './ansible/playbook.yml',
inventory: '/tmp/inventory.ini',
credentialsId: 'your-jenkins-pk-credential',
disableHostKeyChecking: true,
colorized: true)
}
}
Jenkins 提供了禁用 SSH 主機密鑰檢查的選項。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.