Comments (4)
Hi @Fabl0s
If a new host is not in ‘known_hosts’ your control node may prompt for confirmation of the key, which results in an interactive experience if using Ansible, from say, cron.
It is why this scenario doesn't work. I tried disable interactive but it breaks authentication by login/password.
"Why Semaphore hangs" - most frequently asked question.
I think I never had any interactive parts when using ssh flag "accept-new" - Ansible would just fail that single node in a run when we replaced a node. Maybe that can be an option?
However, could Key-Checking still be some sort of opt-in for those who want it and dont use Password Logins anyway?
from semaphore.
Hi @Fabl0s
Did you try to add environment variable ANSIBLE_HOST_KEY_CHECKING=True
?
from semaphore.
Hi @Fabl0s Did you try to add environment variable
ANSIBLE_HOST_KEY_CHECKING=True
?
Not via Variable, I added it to my ansible.cfg as a workarround for now and it does work that way.
I can also check via EnvVar but I'd expect the same result.
But I would much preferr to auto-accept new keys and deny changed keys as a default over no checking at all.
At least as an opt-in if you absolutely want to keep it off by default.
My point about this beeing not Ideal still stands regarding Security:
Ansible enables host key checking by default. Checking host keys guards against server spoofing and man-in-the-middle attacks, but it does require some maintenance.
A more secure default should be kept if its already there in ansible imo.
It also can cause issues with enterprises security compliance aswell.
from semaphore.
Hi @Fabl0s
If a new host is not in ‘known_hosts’ your control node may prompt for confirmation of the key, which results in an interactive experience if using Ansible, from say, cron.
It is why this scenario doesn't work. I tried disable interactive but it breaks authentication by login/password.
"Why Semaphore hangs" - most frequently asked question.
from semaphore.
Related Issues (20)
- Problem: CRON configuration "forgets" the day of the week HOT 1
- Docs: API docs for /project/{project_id}/templates refers to 'alias' instead of 'name'
- Problem: API /project/1/templates/ fails with Postgres HOT 2
- Docs: API docs for GET /project/{project_id}/users is incorrect
- Problem: Application button missing
- Feature: Better inventory path handling in UI
- Problem: Project backup files are not restored correctly
- Problem:SEMAPHORE_ ACCESS_KEY_ENCRYPTION not used? HOT 2
- Problem: Bash Tasks no longer get survey variables passed to them HOT 1
- PowerShell Scripts inventory?
- Missing "commit based" Schedule Type in Schedule section
- Problem: Unable to run new task HOT 2
- Problem: Error displaying Stopped status
- Problem: Git repo always recreated on run
- Question:
- Problem: Environment boolean values are created as strings in TABLE editor
- Feature: Ability to import LDAP users programmatically
- Problem: Uncommon CRON format not working as expected
- Problem: Initialize Terraform pg backend with env variables HOT 1
- Feature: Show name of playbook in alerts. (success and failure)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from semaphore.