Ansible known_hosts Module: Manage SSH Host Keys (Complete Guide)
By Luca Berton · Published 2024-01-01 · Category: security-compliance
How to use Ansible known_hosts module to manage SSH host keys. Add, remove, and verify host keys for secure SSH connections. Complete guide with examples.
Ansible known_hosts Module: Manage SSH Host Keys (Complete Guide)
The ansible.builtin.known_hosts module manage SSH known_hosts entries. This guide covers all common use cases with practical playbook examples.
Add a Host Key
Add Multiple Hosts
Remove a Host Key
FAQ
How do I manage SSH known_hosts in Ansible?
Use ansible.builtin.known_hosts with the hostname and key. Get the key with ssh-keyscan via a lookup plugin. Set state: present to add or absent to remove.
Why should I manage known_hosts with Ansible?
Pre-populating known_hosts prevents interactive prompts during automation and reduces the risk of man-in-the-middle attacks by verifying host keys before first connection.
Conclusion
The ansible.builtin.known_hosts module is a versatile tool for manage SSH known_hosts entries. Use the examples above as starting points and adapt them to your infrastructure needs.
Related Articles • Ansible Vault: Encrypt Secrets • Ansible Variables Guide
Category: security-compliance