rundeck-plugins / openssh-bastion-node-execution


Host key verification failed #1

Closed ivomarino closed 6 years ago

ivomarino commented 6 years ago

Hi there, great plugin. Unfortunately I always get the following issue: Host key verification failed. Setup is like that:

[screenshot: screen shot 2018-02-11 at 10 23 31]

Connecting to the bastion host using rundeck's base ssh works fine, any ideas? I'm running rundeck as a Docker container by the way, thanks

ahonor commented 6 years ago

@ivomarino try adding -o StrictHostKeyChecking=no to the SSH Options field.

ivomarino commented 6 years ago

Thanks for the feedback @ahonor, it didn't work; I also tried different combinations. I now use:

eval `ssh-agent` ; ssh-add /var/lib/rundeck/var/storage/content/keys/sysadm/id_rsa ; ssh-add -L ; ssh -A -o 'StrictHostKeyChecking no' -J ${node.bastion} -p ${node.port} ${node.username}@${node.hostname} ${exec.command}

as exec task, with bash -c, node example:

<node name='foo-compute-03' tags='node,foo,production' hostname='compute-03' port='22' bastion='sysadm@first.jump.station,sysadm@second.jump.station:2221' osArch='x86_64' osFamily='linux' osName='trusty' osVersion='Ubuntu 14.04' username='sysadm'/>

which allows me to hop between multiple nodes.

ahonor commented 6 years ago

@ivomarino that's a nice alternative. That can also be an example or different implementation for the plugin.

ivomarino commented 6 years ago

@ahonor yes, why not, happy that I could help;)

anthonysomerset commented 3 years ago

I since found a working config here - the issue seems to be that the ProxyCommand config also needs to have StrictHostKeyChecking disabled, or you need to add the key to your server via some other means:

Host *
  StrictHostKeyChecking no
  ForwardAgent yes
  Port 22
  ProxyCommand ssh -oStrictHostKeyChecking=no -i @bastion_ssh_key@ awx@@bastion_ssh_host@ -W %h:%p
  IdentityFile @node_ssh_key@

the ProxyCommand -oStrictHostKeyChecking affects the local SSH within the rundeck box -

the StrictHostKeyChecking for the Host config is for after the proxy session is opened, and if your jumpbox has the SSH host key stored already then it is unnecessary
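
Added example, not part of the thread or the plugin's code: a small Python audit that reports each place in an ssh_config text where host key checking is turned off, separating the Host-level setting from an `ssh` run inside `ProxyCommand`, the two spots the last comment distinguishes. The function names and the sample text are constructed for illustration, and it assumes the ProxyCommand invokes `ssh` with `-o` options.

```python
import re
import shlex

# Constructed sample: the config quoted in the comment above, placeholders unchanged.
SAMPLE_CONFIG = """\
Host *
  StrictHostKeyChecking no
  ForwardAgent yes
  Port 22
  ProxyCommand ssh -oStrictHostKeyChecking=no -i @bastion_ssh_key@ awx@@bastion_ssh_host@ -W %h:%p
  IdentityFile @node_ssh_key@
"""

DISABLED = {"no", "off"}  # ssh adds unknown keys itself and lets changed keys through

def split_option(text):
    """Split 'Key value', 'Key=value' or 'Key = value' into (lowercased key, value)."""
    m = re.match(r"\s*([A-Za-z]+)\s*(?:=|\s)\s*(.*)$", text)
    return (m.group(1).lower(), m.group(2).strip().strip('"')) if m else ("", "")

def inline_options(command):
    """Yield the -o arguments of a command line: '-oK=V', '-o K=V' or '-o "K V"'."""
    try:
        words = shlex.split(command)
    except ValueError:  # unbalanced quotes: fall back to whitespace splitting
        words = command.split()
    for i, word in enumerate(words):
        if word == "-o" and i + 1 < len(words):
            yield words[i + 1]
        elif word.startswith("-o") and len(word) > 2:
            yield word[2:]

def audit(config_text):
    """Return (line_no, host_pattern, hop) wherever host key checking is disabled.
    hop: 'bastion' = ssh inside ProxyCommand (first hop), 'target' = Host-level setting."""
    findings, host = [], "*"
    for line_no, raw in enumerate(config_text.splitlines(), 1):
        if raw.lstrip().startswith("#"):
            continue
        key, value = split_option(raw)
        if key == "host":
            host = value
        elif key == "stricthostkeychecking" and value.lower() in DISABLED:
            findings.append((line_no, host, "target"))
        elif key == "proxycommand":
            for k, v in map(split_option, inline_options(value)):
                if k == "stricthostkeychecking" and v.lower() in DISABLED:
                    findings.append((line_no, host, "bastion"))
    return findings
```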