How to avoid host key checking while cloning a repository with ssh url in ansible playbook

This post focuses on “How to avoid strict host key checking when you try to clone a repository with ssh url in you ansible playbook”.
Everytime when you try to clone a repository or do a bundle install to install gem via ssh url, Host key verification will hang the process. It will ask to add the github.com to add to the known_hosts list but while bundle install it doesn’t even asks to add github.com to know_hosts list. This problem was faced by me and the solution I found on internet/stackoverflow was not enough to solve my problem.

I posted this issue on Stackoverflow.

The solution I got is to disable host key checking in ansible.cfg file by un-commenting the following line int ansible.cfg file.

host_key_checking=false

But this doesn’t work as this only disable host key checking for the remote host we are connecting to but not to the github.com to which our remote host is trying to get connected.

But finally the following workaround works for me. Adding the github.com to the list of known_hosts worked and my bundle install was running properly.
Add the following code to you ansible playbook.

  - name: ensure github.com is a known host
    sudo: yes
    lineinfile:
      dest: /home/ubuntu/.ssh/known_hosts
      create: yes
      state: present
      line: "{{ lookup('pipe', 'ssh-keyscan -t rsa github.com') }}"
      regexp: "^github\.com"

This added the key of github.com to the list of knows_hosts on the remote host on which we are trying to clone or trying to install the gem via ssh url.
Hope this is useful. Happy automation.

Leave a Reply

Your email address will not be published. Required fields are marked *