Search code examples
jenkinssshansiblecentosssh-keys

Failed to connect to the host via ssh: Host key verification failed

I am facing an issue while executing the ansible-playbook form Jenkins,

like :

PLAY [centos-slave-02] *********************************************************



TASK [Gathering Facts] *********************************************************

fatal: [centos-slave-02]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Host key verification failed.", "unreachable": true}

PLAY RECAP *********************************************************************

centos-slave-02            : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0

but I am able to get ping-pong response and each time its asking for

Matching host key in /var/jenkins_home/.ssh/known_hosts:5  :

jenkins@c11582cb5024:~/jenkins-ansible$ ansible -i hosts -m ping centos-slave-02

Warning: the ECDSA host key for 'centos-slave-02' differs from the key for the IP address '172.19.0.3'

Offending key for IP in /var/jenkins_home/.ssh/known_hosts:2

Matching host key in /var/jenkins_home/.ssh/known_hosts:5

Are you sure you want to continue connecting (yes/no)? yes

centos-slave-02 | SUCCESS => {

    "ansible_facts": {

        "discovered_interpreter_python": "/usr/bin/python"

    },

    "changed": false,

    "ping": "pong"

}

could anyone please fix this issue!thanks in advance.

Solution

  • Your known_hosts file in the jenkins-ansible host already has an entry for the host centos-slave-02. Now that the centos-slave-02 host's identity has changed, a new entry needs to be added. But the existing entry in the file is throwing this warning.

    Warning: the ECDSA host key for 'centos-slave-02' differs from the key for the IP address '172.19.0.3'

Offending key for IP in /var/jenkins_home/.ssh/known_hosts:2

Matching host key in /var/jenkins_home/.ssh/known_hosts:5

    You can either manually edit the /var/jenkins_home/.ssh/known_hosts file to remove the key for this centos-slave-02 host or run the below command,

    ssh-keygen -R centos-slave-02

    The workaround with ansible would be to add this line in ansible.cfg under [defaults] section,

    [defaults]
host_key_checking = False

    This will disable HostKeyChecking when making SSH connections.