Note: This module is part of ansible-core and included in all Ansible installations. In most cases, you can use the short module name `known_hosts` even without specifying the `collections:` keyword. However, we recommend you use the FQCN for easy linking to the module documentation and to avoid conflicting with other collections that may have the same module name.
New in version 1.9 of ansible.builtin.

The `known_hosts` module lets you add or remove host keys from the `known_hosts` file.

Parameter | Choices/Defaults | Comments |
---|---|---|
`hash_host` boolean, added in 2.3 of ansible.builtin | | Hash the hostname in the known_hosts file. |
`key` string | | The SSH public host key, as a string. Required if `state=present`, optional when `state=absent`, in which case all keys for the host are removed. The key must be in the right format for SSH (see sshd(8), section "SSH_KNOWN_HOSTS FILE FORMAT"). Specifically, the key should not match the format that is found in an SSH pubkey file, but should rather have the hostname prepended to a line that includes the pubkey, the same way that it would appear in the known_hosts file. The value prepended to the line must also match the value of the `name` parameter. Should be of format `<hostname[,IP]> ssh-rsa <pubkey>`. For a custom SSH port, `key` needs to specify the port as well. See example section. |
`name` string / required | | The host to add or remove (must match a host specified in `key`). It will be converted to lowercase so that ssh-keygen can find it. Must match the `<hostname>` or `<ip>` present in the `key` attribute. For a custom SSH port, `name` needs to specify the port as well. See example section. Aliases: host |
`path` path | Default: "~/.ssh/known_hosts" | The known_hosts file to edit. |
`state` string | | `present` to add the host key. `absent` to remove it. |
```yaml
- name: Tell the host about our servers it might want to ssh to
  known_hosts:
    path: /etc/ssh/ssh_known_hosts
    name: foo.com.invalid
    key: "{{ lookup('file', 'pubkeys/foo.com.invalid') }}"

- name: Another way to call known_hosts
  known_hosts:
    name: host1.example.com   # or 10.9.8.77
    key: host1.example.com,10.9.8.77 ssh-rsa ASDeararAIUHI324324 # some key gibberish
    path: /etc/ssh/ssh_known_hosts
    state: present

- name: Add host with custom SSH port
  known_hosts:
    name: '[host1.example.com]:2222'
    key: '[host1.example.com]:2222 ssh-rsa ASDeararAIUHI324324' # some key gibberish
    path: /etc/ssh/ssh_known_hosts
    state: present
```
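A pre-flight check for the `name`/`key` rules in the parameter table, as an added example that is not part of the Ansible documentation or the module's own code. `check_pair`, `host_field_matches`, `hash_host` and the all-zero sample key are hypothetical names and constructed data; the hashed branch follows the OpenSSH `|1|salt|hmac` known_hosts format, and case-insensitive comparison of plain host names is an assumption of this sketch.

```python
import base64
import hashlib
import hmac

# Constructed sample: an all-zero "ssh-ed25519" blob, not a real host key.
_KT = b"ssh-ed25519"
SAMPLE_BLOB = base64.b64encode(
    len(_KT).to_bytes(4, "big") + _KT + (32).to_bytes(4, "big") + bytes(32)
).decode()


def hash_host(name, salt):
    """OpenSSH hashed host field: |1|b64(salt)|b64(HMAC-SHA1(salt, name))."""
    mac = hmac.new(salt, name.lower().encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())


def host_field_matches(field, name):
    """True if a known_hosts host field (plain list or hashed) names `name`."""
    name = name.lower()  # the module lowercases name before matching
    if field.startswith("|1|"):
        _, _, salt_b64, mac_b64 = field.split("|")
        salt = base64.b64decode(salt_b64)
        mac = hmac.new(salt, name.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    # Assumption of this sketch: plain host names compare case-insensitively.
    return name in field.lower().split(",")


def check_pair(name, key):
    """Validate name/key as the parameter table describes; return the key type."""
    fields = key.split()
    if len(fields) < 3:
        raise ValueError("key must be '<hostname[,IP]> <keytype> <pubkey>'")
    hosts, keytype, blob = fields[:3]
    try:
        raw = base64.b64decode(blob, validate=True)
    except ValueError:
        raise ValueError("third field is not a key blob (pubkey-file line?)") from None
    # An SSH key blob starts with a length-prefixed copy of its key type.
    n = int.from_bytes(raw[:4], "big")
    if raw[4:4 + n] != keytype.encode():
        raise ValueError("key blob does not embed key type %r" % keytype)
    if not host_field_matches(hosts, name):
        raise ValueError("name %r is not a host in key (check [host]:port)" % name)
    return keytype
```

Run against the values a play is about to pass, this rejects a line copied straight from a `.pub` file and a `name` that omits the `[host]:port` form used in `key`.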
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/known_hosts_module.html