
[Fab-user] EC2 host keys


From: Patrick J McNerthney
Subject: [Fab-user] EC2 host keys
Date: Sat, 09 May 2009 11:10:37 -0400
User-agent: Thunderbird 2.0.0.21 (X11/20090409)

I have an issue with Amazon EC2 instances where ssh host keys have been saved in .ssh/known_hosts but are incompatible with an EC2 instance ip address. This occurs when the ip address has been reassigned to a new EC2 instance. So the basic sequence of events is:

o Start an EC2 instance which is assigned an ip address.
o ssh to that ip address and that server's ssh key is associated with that ip address in the known_hosts file.
o Terminate that EC2 instance.
o A new EC2 instance is started and it happens to get assigned the same ip address.

At this point, if I first ssh to it, I have ssh configured with StrictHostKeyChecking set to no, so ssh will emit a warning about this ip address having a new key, but still allows me to continue.

However, if at this point I try to use Fabric to execute some commands, it will always fail. This is because SSHClient.load_system_host_keys is always called, causing the connection to fail if there is an incompatibility between the ip address and the server key.

I have addressed this in my own fork here: http://github.com/iciclespider/fabric/commit/08ad1c491e5643990c2a35e865784d2b61aa742f

What this does is replace this:

    client.load_system_host_keys()
    if not env.reject_unknown_keys:
        client.set_missing_host_key_policy(ssh.AutoAddPolicy())

with this:

    if env.reject_unknown_keys:
        client.load_system_host_keys()
    else:
        client.set_missing_host_key_policy(ssh.AutoAddPolicy())

I also considered using another env setting value to control this, but my conclusion is that this behavior is in fact in line with the implied behavior of the "reject_unknown_keys" name. In other words, the list of known keys should only be loaded if the intention is to reject those keys that are not known.

Pat McNerthney
ClearPoint Metrics, Inc.
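Editor's added example, not code from the message above and not Fabric's or Paramiko's own implementation. It models the three outcomes an SSHClient-style check can produce for a host key (known, changed, unknown) with a small known_hosts parser that handles both plain and hashed (|1|salt|hmac) entries, then compares the original Fabric logic with the fork's change on the reused-IP case described in the post. The known_hosts content, the IP addresses and the key blobs are constructed placeholders. The thing worth seeing is that "changed" is refused regardless of the missing-host-key policy (this is the failure the post hits), and that skipping load_system_host_keys turns a changed key into an unknown one, so a reused EC2 address and a server presenting a different key for any other reason become indistinguishable to the client.

```python
"""Model of SSH host-key checking: known vs changed vs unknown.

Added example; assumes nothing beyond the Python standard library.
"""
import base64
import hashlib
import hmac


def hash_host(hostname, salt):
    """Build a hashed known_hosts host field (|1|salt|hmac-sha1) like HashKnownHosts does."""
    digest = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(digest).decode())


def host_matches(pattern, hostname):
    """True if a known_hosts host field (plain, comma-separated, or hashed) names hostname."""
    if pattern.startswith("|1|"):
        _, _, salt_b64, digest_b64 = pattern.split("|")
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(digest_b64)
        actual = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(actual, expected)
    return hostname in pattern.split(",")


def parse_known_hosts(text):
    """Return (host_field, key_type, key_blob) tuples, skipping blanks and comments."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) >= 3:
            entries.append((parts[0], parts[1], parts[2]))
    return entries


def check_host_key(entries, hostname, key_type, key_blob):
    """Classify the server's key as 'known', 'changed' or 'unknown'.

    A host that already has an entry of the same key type but with a different
    blob is 'changed'; only a host with no matching entry at all is 'unknown'.
    """
    saw_host = False
    for pattern, ktype, blob in entries:
        if ktype != key_type or not host_matches(pattern, hostname):
            continue
        saw_host = True
        if blob == key_blob:
            return "known"
    return "changed" if saw_host else "unknown"


def connect_decision(known_hosts_text, hostname, key_type, key_blob,
                     reject_unknown_keys, load_known_hosts):
    """Return (status, connect?). 'changed' is refused before any policy is consulted;
    'unknown' goes to the policy: auto-add (accept) unless reject_unknown_keys."""
    entries = parse_known_hosts(known_hosts_text) if load_known_hosts else []
    status = check_host_key(entries, hostname, key_type, key_blob)
    if status == "known":
        return status, True
    if status == "changed":
        return status, False
    return status, not reject_unknown_keys


def fabric_original(text, host, key_type, key_blob, reject_unknown_keys):
    """Original behaviour: known_hosts is always loaded."""
    return connect_decision(text, host, key_type, key_blob, reject_unknown_keys, True)


def fabric_fork(text, host, key_type, key_blob, reject_unknown_keys):
    """The fork's behaviour: known_hosts is loaded only when rejecting unknown keys."""
    return connect_decision(text, host, key_type, key_blob, reject_unknown_keys,
                            reject_unknown_keys)


# Constructed sample known_hosts: one plain IP entry and one hashed entry.
# Key blobs are placeholders, not real SSH public keys.
SALT = b"constructed-salt-20b"
OLD_KEY = "AAAAB3NzaC1yc2EAAAAoldkey=="
NEW_KEY = "AAAAB3NzaC1yc2EAAAAnewkey=="
HASHED_KEY = "AAAAB3NzaC1yc2EAAAAhashedkey=="
SAMPLE_KNOWN_HOSTS = "\n".join([
    "# constructed sample file",
    "10.0.0.5 ssh-rsa " + OLD_KEY,
    hash_host("203.0.113.7", SALT) + " ssh-rsa " + HASHED_KEY,
])


if __name__ == "__main__":
    # Reused address 10.0.0.5 now presents NEW_KEY, as in the post.
    for name, fn in (("original", fabric_original), ("fork", fabric_fork)):
        for reject in (False, True):
            status, ok = fn(SAMPLE_KNOWN_HOSTS, "10.0.0.5", "ssh-rsa", NEW_KEY, reject)
            print("%-8s reject_unknown_keys=%-5s -> %-7s connect=%s" % (name, reject, status, ok))
```

Running the script shows the original logic refusing the reused address with status "changed" for both settings, while the fork connects with status "unknown" when reject_unknown_keys is false. Removing the stale entry for that address (the `ssh-keygen -R` route) keeps the changed-key signal for every other host; the fork's change drops it for all of them at once.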
