known_hosts - Add or remove a host from the known_hosts file

New in version 1.9.

Synopsis

  • The known_hosts module lets you add or remove a host keys from the known_hosts file.
  • Starting at Ansible 2.2, multiple entries per host are allowed, but only one for each key type supported by ssh. This is useful if you’re going to want to use the git module over ssh, for example.
  • If you have a very large number of host keys to manage, you will find the template module more useful.

Parameters

Parameter Choices/Defaults Comments
hash_host
(added in 2.3)
Default:
no
Hash the hostname in the known_hosts file
key Default:
None
The SSH public host key, as a string (required if state=present, optional when state=absent, in which case all keys for the host are removed). The key must be in the right format for ssh (see sshd(8), section "SSH_KNOWN_HOSTS FILE FORMAT")
name
required
Default:
None
The host to add or remove (must match a host specified in key). It will be converted to lowercase so that ssh-keygen can find it.

aliases: host
path Default:
(homedir)+/.ssh/known_hosts
The known_hosts file to edit
state
    Choices:
  • present
  • absent
present to add the host key, absent to remove it.

Examples

- name: tell the host about our servers it might want to ssh to
  known_hosts:
    path: /etc/ssh/ssh_known_hosts
    name: foo.com.invalid
    key: "{{ lookup('file', 'pubkeys/foo.com.invalid') }}"

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Author

  • Matthew Vernon (@mcv21)

Hint

If you notice any issues in this documentation you can edit this document to improve it.

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.5/modules/known_hosts_module.html