Salt: Problem with salt-api and salt-ssh
Hi,
I'm trying to use salt-ssh with salt-api and it didn't work.
When I execute the normal sentence it works:
salt-ssh 'MachineSSH' test.ping
But when I tried to run over salt-api appears an error:
david@david-PC:~$ curl -si localhost:9191/run -H 'Accept: application/x-yaml' -d client='ssh' -d tgt='MachineSSH' -d fun='test.ping'
HTTP/1.1 200 OK
Content-Length: 388
Access-Control-Expose-Headers: GET, POST
Vary: Accept-Encoding
Server: CherryPy/3.2.2
Allow: GET, HEAD, POST
Access-Control-Allow-Credentials: true
Date: Mon, 02 May 2016 07:55:40 GMT
Access-Control-Allow-Origin: *
Content-Type: application/x-yaml
return:
- MachineSSH:
retcode: 254
stderr: ''
stdout: 'The host key needs to be accepted, to auto accept run salt-ssh with the
-i flag:
The authenticity of host ''192.168.254.2 (192.168.254.2)'' can''t be established.
ECDSA key fingerprint is ad:27:39:e6:20:0a:3b:15:a7:82:b4:1c:e6:ba:4d:f0.
Are you sure you want to continue connecting (yes/no)? '
I don't know how to pass "-i" flag via curl.
Can anyone help me please?
Thanks!
davidpsv17
All 11 comments
@davidpsv17, thanks for reporting. I'm not seeing any way for netapi to access salt or salt-ssh options at the command line level. My guess, @whiteinge can correct me if I'm wrong, is that it interacts with salt through LocalClient, which seems to be same API that the command line utils use, so if you need to setup the remote host key, you may have to accept it manually before running salt-ssh through the netapi client.
jfindlay
on 2 May 2016
Short update: This uses SSHClient. It is not documented if that class has any runtime parameters to modify StrictHostKeyChecking. At quick glance it's pulling that setting from opts (the config file).
@jfindlay and I talked and he is checking with the salt-ssh authors on whether that parameter can be modified at runtime. If not, we'll need to make this into a feature addition.
whiteinge
on 2 May 2016
Thanks @jfindlay , @whiteinge . For the moment I solved this adding in the roster file the tag priv:
davidpsv17
on 3 May 2016
@jfindlay Any update on this about whether or not this should be made into a feature request? Or is this resolved as-is?
rallytime
on 25 Jun 2016
I'm closing this since I didn't hear back. If this needs to be re-opened, please let me know. Thanks!
rallytime
on 16 Jul 2016
@rallytime thanks for keeping up on this. This does indeed need a feature request. I filed the above-linked one just now.
cc @jfindlay
whiteinge
on 18 Jul 2016
Thanks, @rallytime, @whiteinge. I must have missed this one.
jfindlay
on 18 Jul 2016
Perfect - thanks @whiteinge!
rallytime
on 18 Jul 2016
hi @davidpsv17 I have the same problem,Is there any good solution?
xiaopanggege
on 19 May 2017
@xiaopanggege I think the only workaround for now is to make your own custom wrapper (will require a little Python-fu). The ssh Runner module is a good place to start, then edit the __opts__ dictionary to add the necessary params before instantiating.
whiteinge
on 19 May 2017
@whiteinge Thanks锛宮y solution is in master server add /root/.ssh/config:
cat /root/.ssh/config
Host *
StrictHostKeyChecking no
now is Skip this Warning notices
xiaopanggege
on 23 May 2017
Related issues
qiushics
路
3Comments
lhost
路
3Comments
commutecat
路
3Comments
Oloremo
路
3Comments
saurabhnemade
路
3Comments
Most helpful comment
@whiteinge Thanks锛宮y solution is in master server add /root/.ssh/config:
cat /root/.ssh/config
Host *
StrictHostKeyChecking no
now is Skip this Warning notices