internet/community.general
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-05-08 06:12:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Enable host_key checking at the strategy level

Browse Source 
Implements a new method in the ssh connection plugin (fetch_and_store_key)
which is used to prefetch the key using ssh-keyscan.
This commit is contained in:
James Cammarata
2015-12-15 09:39:13 -05:00
parent 15135f3c16
commit e5c2c03dea
6 changed files with 273 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
lib/ansible/utils/connection.py Normal file
View File

@@ -0,0 +1,50 @@
# (c) 2015, Ansible, Inc. <support@ansible.com>
#
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
from __future__ import (absolute_import, division, print_function)
__metaclass__ = type
import subprocess
import sys
__all__ = ['get_smart_connection_type']
def get_smart_connection_type(play_context):
'''
Uses the ssh command with the ControlPersist option while checking
for an error to determine if we should use ssh or paramiko. Also
may take other factors into account.
'''
conn_type = 'ssh'
if sys.platform.startswith('darwin') and play_context.password:
# due to a current bug in sshpass on OSX, which can trigger
# a kernel panic even for non-privileged users, we revert to
# paramiko on that OS when a SSH password is specified
conn_type = "paramiko"
else:
# see if SSH can support ControlPersist if not use paramiko
try:
cmd = subprocess.Popen(['ssh','-o','ControlPersist'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
(out, err) = cmd.communicate()
if "Bad configuration option" in err or "Usage:" in err:
conn_type = "paramiko"
except OSError:
conn_type = "paramiko"
return conn_type