From e081b96221a8ad0add2664fd1b2969280cc6aba3 Mon Sep 17 00:00:00 2001 From: Robert Collins Date: Mon, 20 Jan 2014 12:45:12 +1300 Subject: [PATCH] Don't load system host keys. There are three places that nodepool connects to hosts: - to bootstrap where by definition any existing host key must be wrong - to bring up a snapshot where again any existing host key must be wrong - to check a node is still running Nodepool itself doesn't save the host key, so the third case will typically warn as well, or if an administrator logged into a node from the nodepool user account cause a failure. As such it seems that system host key validation is not useful and just serves to cause failures when a stale key is present. Change-Id: I074314d61b5c520bdd67da24bfd2a8e626da0dc5 --- nodepool/sshclient.py | 1 - 1 file changed, 1 deletion(-) diff --git a/nodepool/sshclient.py b/nodepool/sshclient.py index 4b056e1a4..235e3f741 100644 --- a/nodepool/sshclient.py +++ b/nodepool/sshclient.py @@ -25,7 +25,6 @@ class SSHClient(object): def __init__(self, ip, username, password=None, pkey=None, key_filename=None, log=None): client = paramiko.SSHClient() - client.load_system_host_keys() client.set_missing_host_key_policy(paramiko.WarningPolicy()) client.connect(ip, username=username, password=password, pkey=pkey, key_filename=key_filename)