commit cb0c3a9e6843ec34bc2b914ff8eac81991c69e10
parent ac1fa1e7f9c1535f6a0a9e70c58ecde0ed3ff1c7
Author: Andreas Gruhler <andreas.gruhler@adfinis-sygroup.ch>
Date: Thu, 19 Sep 2019 16:51:47 +0200
update known hosts
Diffstat:
3 files changed, 45 insertions(+), 3 deletions(-)
diff --git a/Readme.md b/Readme.md
@@ -66,7 +66,7 @@ Adjust variables in `./ansible/group_vars/all.yml`:
* Ensure `pve_api` points to your compiled PVE API binary
* Define `additional_users` as needed
-### 4.2 Run Ansible
+### 4.2 Run Ansible to Build the SSH Config
The Ansible playbook runst the following tasks:
1. Retrieve the IP of the VMs via Qemu guest agent
@@ -90,6 +90,24 @@ If you choose an unprivileged `ansible_user` to reach the VMs, you may need to s
ansible-playbook playbook.yml -i inventory -l myhost -e ansible_user=root
```
+### 4.3 Update Known Hosts
+
+To prepare the local host for consecutive SSH connections, you might want to update you local `./ssh/known_hosts` file as follows:
+```
+# update known hosts locally and confirm
+ansible-playbook update-known-hosts.yml -i inventory
+```
+
+Alternatively, use the following commands:
+```
+cd ansible
+
+# remove previous hosts from known hosts
+for ip in $(cat qemu-config.yml | grep ip4 | awk '{print $2}'); do ssh-keygen -R $ip; done
+
+# update known hosts and confirm
+for host in $(cat qemu-config.yml | grep fqdn | awk '{print $3}'); do ssh -F ../ssh/config $host exit; done
+```
## 5 Troubleshooting, Tips & Tricks
diff --git a/ansible/playbook.yml b/ansible/playbook.yml
@@ -1,7 +1,7 @@
---
-# local tasks to generate ssh config
-# - input/requires: './qemu-config.yml'
+# Local tasks to generate ssh config
+# Input/requires: './qemu-config.yml'
- hosts: local
vars:
qemu_config: "{{ lookup('file', 'qemu-config.yml') | from_yaml }}"
diff --git a/ansible/update-known-hosts.yml b/ansible/update-known-hosts.yml
@@ -0,0 +1,24 @@
+---
+
+# Local tasks to update known ssh hosts
+#
+# Remove:
+# for ip in $(cat qemu-config.yml | grep ip4 | awk '{print $2}'); do ssh-keygen -R $ip; done
+#
+# Add:
+# for host in $(cat qemu-config.yml | grep fqdn | awk '{print $3}'); do ssh -F ../ssh/config $host exit; done
+#
+# Requires './qemu-config.yml' with ipv4 addresses
+- hosts: local
+ vars:
+ qemu_config: "{{ lookup('file', 'qemu-config.yml') | from_yaml }}"
+ tasks:
+ - name: remove the host from local known hosts
+ known_hosts:
+ path: '{{ ansible_env.HOME }}/.ssh/known_hosts'
+ name: '{{ item.ip4 }}'
+ state: absent
+ loop: '{{ qemu_config }}'
+
+ - name: update known host locally
+ shell: 'for host in $(cat qemu-config.yml | grep fqdn | awk "{print $3}"); do ssh -F ../ssh/config $host exit; done'
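Review bot: In the `update known host locally` task the awk program sits in double quotes, so the shell expands `$3` to an empty string before awk runs, and awk prints whole lines instead of the fqdn field; ssh is then called once for every word on the matching lines. Looping in Ansible, as the first task already does, avoids both the quoting and the working-directory-dependent `cat`: `command: ssh -F ../ssh/config {{ item.fqdn }} exit` with `loop: '{{ qemu_config }}'` (this assumes each entry has an `fqdn` key, which the grep suggests but the hunk does not show). Separately, the preceding task deletes the stored key and this one records whatever key the address presents next, so a changed host key is never noticed; ssh also has no terminal here to ask for confirmation, so the task presumably only succeeds if `../ssh/config` relaxes `StrictHostKeyChecking`. A comment stating that, or a check of the presented fingerprint against one read from the VM over the guest agent before it is accepted, would make the trust decision explicit.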