我正在尝试在远程主机上运行 ansible 剧本。但登录的第一步没有发生。尝试了以下操作:
- 使用远程主机凭据更新了 ansible/hosts 文件
- 添加 host_key_checking=false
- 在 sshd_config 文件中,我已设置 ChallengeResponseAuthentication =yes(并重新启动了 ssh)
- Ansible 版本是 2.3
输出:
fatal: [10.236.155.69]: UNREACHABLE! => {
"changed": false,
"msg": "Failed to connect to the host via ssh:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is\n47:0a:1a:05:f2:49:1e:cc:99:2a:47:d8:67:4f:4c:2e.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:2
remove with: ssh-keygen -f \"/root/.ssh/known_hosts\" -R 10.236.155.69
Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.
Permission denied (publickey,password,keyboard-interactive).
",
"unreachable": true
}
答案1
如果这是您的主机,您应该从 /root/.ssh/known_hosts 第 2 行删除 SSH 指纹。您可以使用命令删除它:ssh-keygen -f \"/root/.ssh/known_hosts\" -R 10.236.155.69
或者使用任何文本编辑器手动执行。这是由于重新安装服务器导致重新生成 SSH 指纹造成的。如果您不对此主机执行任何操作,则可能是安全问题。