[Fab-user] Forcing ssh to fail if no host key?

[Roy Smith]

I want to force ssh to fail if I don't have a host key.  If I remove a host key from known_hosts and then run ssh from the command line with -o StrictHostKeyChecking=yes, I get:

$ ssh -o StrictHostKeyChecking=yes my_host.com

No RSA host key is known for my_host.com and you have requested strict checking.

Host key verification failed.

this is exactly the behavior I want from fabric, but I can't figure out how to do it.  If I do:

env.reject_unknown_hosts = False

@task

@roles('app_servers')

def preflight():

    print run("hostname")

and run preflight, it connects to the missing host without complaint.  If I set reject_unknown_hosts to True, it prompts me for my login password.  Not defining reject_unknown_hosts at all seems to get me the same behavior as setting it to True.

The documentation (http://docs.fabfile.org/en/1.4.2/usage/ssh.html) is really confusing.  It starts out describing the Reject, Add, and Ask options, but then only talks about setting reject_unknown_hosts to True or False.  What do I have to set to get the Rject behavior?

--

Roy Smith

address@hidden