fab-user
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Fab-user] Loading system known_hosts file

From: Ashby, Jason (IMS)
Subject: [Fab-user] Loading system known_hosts file
Date: Wed, 27 Jun 2012 15:39:16 +0000

Hi,

Is it possible for Fabric to use the “system” known hosts and key file found in /etc/ssh/ssh_known_hosts?  We keep all of our host keys in /etc/ssh/ssh_known_hosts and not in individual user’s home dirs. (~/.ssh).

 

I’ve tried the following env settings:

 

env.use_ssh_config = True

env.ssh_config_path = '/etc/ssh/ssh_config'

env.key_filename = '/etc/ssh/ssh_host_rsa_key'

 

However, I’m still prompted for a password.  I can hostbased SSH from mainhost to foohost without a password as root when testing from the Linux command line.  Here is some debug output:

 

address@hidden:~ > fab test

[foohost] Executing task 'test'

[foohost] run: uname -s

DEBUG:ssh.transport:starting thread (client mode): 0x26f2890L

INFO:ssh.transport:Connected (version 1.99, client OpenSSH_5.1)

DEBUG:ssh.transport:kex algos:['diffie-hellman-group-exchange-sha256', 'diffie-hellman-group-exchange-sha1', 'diffie                   -hellman-group14-sha1', 'diffie-hellman-group1-sha1'] server key:['ssh-rsa', 'ssh-dss'] client encrypt:['aes128-cbc'                   , '3des-cbc', 'blowfish-cbc', 'cast128-cbc', 'arcfour128', 'arcfour256', 'arcfour', 'aes192-cbc', 'aes256-cbc', 'rij                   address@hidden', 'aes128-ctr', 'aes192-ctr', 'aes256-ctr'] server encrypt:['aes128-cbc', '3des-cbc', 'blow                   fish-cbc', 'cast128-cbc', 'arcfour128', 'arcfour256', 'arcfour', 'aes192-cbc', 'aes256-cbc', 'address@hidden                   iu.se', 'aes128-ctr', 'aes192-ctr', 'aes256-ctr'] client mac:['hmac-md5', 'hmac-sha1', 'address@hidden', 'hmac-                   ripemd160', 'address@hidden', 'hmac-sha1-96', 'hmac-md5-96'] server mac:['hmac-md5', 'hmac-sha1', 'umac-                   address@hidden', 'hmac-ripemd160', 'address@hidden', 'hmac-sha1-96', 'hmac-md5-96'] client compress:['no                   ne', 'address@hidden', 'zlib'] server compress:['none', 'address@hidden', 'zlib'] client lang:[''] server lang:[                   ''] kex follows?False

DEBUG:ssh.transport:Ciphers agreed: local=aes128-ctr, remote=aes128-ctr

DEBUG:ssh.transport:using kex diffie-hellman-group1-sha1; server key type ssh-rsa; cipher: local aes128-ctr, remote                    aes128-ctr; mac: local hmac-sha1, remote hmac-sha1; compression: local none, remote none

DEBUG:ssh.transport:Switch to new keys ...

DEBUG:ssh.transport:Trying key 2d84d6f8af827bd2008aa7e8009fb3765 from /etc/ssh/ssh_host_rsa_key

DEBUG:ssh.transport:userauth is OK

INFO:ssh.transport:Authentication (publickey) failed.

[foohost] Login password for 'root':

 

 

FYI, the test function is just:

 

def test():

                  run('uname -s')

 

 

VERSION INFO:

root@ mainhost:~> fab --version

Fabric 1.4.2

ssh (library) 1.7.14

 

Thanks for your help!



Information in this e-mail may be confidential. It is intended only for the addressee(s) identified above. If you are not the addressee(s), or an employee or agent of the addressee(s), please note that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this e-mail in error, please notify the sender of the error.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]