Closed ivomarino closed 6 years ago
@ivomarino try adding -o StrictHostKeyChecking=no
to the SSH Options field.
thanks for feedback @ahonor, didn't work tried also different combinations, I now use:
eval `ssh-agent` ; ssh-add /var/lib/rundeck/var/storage/content/keys/sysadm/id_rsa ; ssh-add -L ; ssh -A -o 'StrictHostKeyChecking no' -J ${node.bastion} -p ${node.port} ${node.username}@${node.hostname} ${exec.command}
as exec
task, with bash -c
, node example:
<node name='foo-compute-03' tags='node,foo,production' hostname='compute-03' port='22' bastion='sysadm@first.jump.station,sysadm@second.jump.station:2221' osArch='x86_64' osFamily='linux' osName='trusty' osVersion='Ubuntu 14.04' username='sysadm'/>
which allows me to hop between multiple nodes.
@ivomarino that's a nice alternative. That can also be an example or different implementation for the plugin.
@ahonor yes, why not, happy that I could help;)
i since found a working config here - issue seems to be in the ProxyCommand config needs to also have StrictHostKeyChecking disabled or add the key to your server via some other means
Host *
StrictHostKeyChecking no
ForwardAgent yes
Port 22
ProxyCommand ssh -oStrictHostKeyChecking=no -i @bastion_ssh_key@ awx@@bastion_ssh_host@ -W %h:%p
IdentityFile @node_ssh_key@
the ProxyCommand -oStrictHostKeyChecking affects the local SSH within the rundeck box -
the StrictHostKeyChecking for the Host config is for after the proxy session is opened and if your jumpbox has the SSH host key stored already then it is unneccesary
hi there, great plugin, unfortunately I always get the following issue:
Host key verification failed.
. Setup is like that:Connecting to the bastion host using rundeck's base ssh works fine, any ideas? I'm running rundeck as Docker container by the way, thanks