adds config option to auto add keys when using paramiko (#18598)

* updates paramiko_ssh to auto add keys * updates constants with new config options This commit adds a new feature that will allow paramiko to automatically accept and save a host ssh key. This feature is controlled by the `host_key_auto_add` config setting in the paramiko section. The default is False to maintain current functionality. It also includes a new setting `look_for_keys` with the default to False for maintaining current the current setting.
2025-06-10 02:09:11 -07:00 · 2016-11-28 11:31:12 -05:00 · 2016-11-28 11:31:12 -05:00 · 7df5a0abd0
commit 7df5a0abd0
parent 0793cf3599
2 changed files with 7 additions and 2 deletions
--- a/lib/ansible/plugins/connection/paramiko_ssh.py
+++ b/lib/ansible/plugins/connection/paramiko_ssh.py
@ -89,7 +89,10 @@ class MyAddPolicy(object):

    def missing_host_key(self, client, hostname, key):

-        if C.HOST_KEY_CHECKING:
+        if all((C.HOST_KEY_CHECKING, not C.PARAMIKO_HOST_KEY_AUTO_ADD)):
+
+            if C.USE_PERSISTENT_CONNECTIONS:
+                raise AnsibleConnectionFailure('rejected %s host key for host %s: %s' % (key.get_name(), hostname, hexlify(key.get_fingerprint())))

            self.connection.connection_lock()

@ -227,7 +230,7 @@ class Connection(ConnectionBase):
                self._play_context.remote_addr,
                username=self._play_context.remote_user,
                allow_agent=allow_agent,
-                look_for_keys=True,
+                look_for_keys=C.PARAMIKO_LOOK_FOR_KEYS,
                key_filename=key_filename,
                password=self._play_context.password,
                timeout=self._play_context.timeout,