如何通过负载均衡器分配 SSH 会话?

如何通过负载均衡器分配 SSH 会话?

我已经设置了类似于附图的服务器。

我尝试通过负载均衡器 (NLB) ssh 进入自动缩放组中的一个构建服务器,但收到以下错误消息。

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The ECDSA host key for xxx has changed,
and the key for the corresponding IP address xx.xx.xx.xx
has a different value. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
Offending key for IP in /home/xxx/.ssh/known_hosts:15
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Please contact your system administrator.
Add correct host key in /home/xxx/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/xxx/.ssh/known_hosts:21
ECDSA host key for xxx has changed and you have requested strict checking.
Host key verification failed.

无论分配了什么动态 IP 地址,允许 SSH 会话连接构建服务器的正确方法是什么?

在此处输入图片描述

答案1

您可以在配置文件host_key_checking = False中添加ansible.cfg(参见Ansible 入门)或者您可以ansible_ssh_common_args='-o StrictHostKeyChecking=no'在清单文件中将其添加为服务器的属性。有关更多示例,请参阅此 Stack Overflow回答

相关内容