Skip to content

Instantly share code, notes, and snippets.

@goreilly

goreilly/Batch manage and version host keys with ansible.md

Last active October 7, 2016 16:41
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save goreilly/4aec88b80d22c41db162ae6667e6e130 to your computer and use it in GitHub Desktop.
Save goreilly/4aec88b80d22c41db162ae6667e6e130 to your computer and use it in GitHub Desktop.
Download ZIP
Batch manage and version host keys with ansible
Raw
Batch manage and version host keys with ansible.md

Batch manage and version host keys with ansible

$ ansible-playbook tool_known_hosts.yml

./tool_known_hosts.yml

---
- hosts: localhost
  become: no
  tasks:
    - with_fileglob: files/host_keys/*.com
      lineinfile:
        dest: ~/.ssh/known_hosts
        regexp: '{{ item | basename }}'
        line: '{{ lookup("file", item) }}'

./files/host_keys/generate.php

#!/usr/bin/env php
<?php

$domain = 'example.com';

$hosts = [
    'web',
    'db',
    'redis',
    'test',
];

foreach ($hosts as $host) {
    $fqdn = "$host.$domain";

    $ip = gethostbyname($fqdn);

    $key = exec('ssh-keyscan '.escapeshellarg("$fqdn,$ip").' 2>/dev/null');

    file_put_contents(__DIR__.'/'.$fqdn, $key);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment