The documentation for Ansible’s known_hosts module is a bit scanty. Here’s a more complete example of how to use the module:
    - set_fact:
        # the dig lookup runs on the control node and needs dnspython there
        host_IP: "{{ lookup('dig', 'host.example.org') }}"

    # ecdsa seems to be the default if available on host.example.org
    - name: get known_hosts fingerprint for host.example.org
      # prints "<keytype> <base64 key>" and drops the trailing comment field
      shell: awk '{ print $1 " " $2 }' /etc/ssh/ssh_host_ecdsa_key.pub
      delegate_to: host.example.org
      register: host_key
      changed_when: false

    - name: add host.example.org to known_hosts
      known_hosts:
        host: host.example.org
        key: "host.example.org,{{ host_IP }} {{ host_key.stdout }}"
      become: yes
      become_user: the_user_that_needs_to_execute_ssh
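The play above reads the host key over the same SSH connection it is meant to protect, so the resulting entry is only as trustworthy as that first connection. The following added example (not part of the original post) builds the same `host,IP keytype key` line but only after the key matches a SHA256 fingerprint obtained out of band; the function names, the sample key blob and the address 192.0.2.10 are constructed for illustration.

```python
import base64
import hashlib
import struct


def _ssh_string(data):
    """Encode bytes as an SSH wire-format string (uint32 length + data)."""
    return struct.pack(">I", len(data)) + data


def parse_pubkey(line):
    """Split '<type> <base64> [comment]' and check the blob really is that type."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<keytype> <base64-key> [comment]'")
    keytype, b64 = fields[0], fields[1]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != keytype.encode():
        raise ValueError("key type in blob does not match declared type")
    return keytype, b64, blob


def fingerprint(blob):
    """SHA256 fingerprint in the form `ssh-keygen -lf` prints."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def known_hosts_line(names, pubkey_line, expected_fp):
    """Return 'name1,name2 <type> <base64>' only if the fingerprint matches."""
    keytype, b64, blob = parse_pubkey(pubkey_line)
    if fingerprint(blob) != expected_fp:
        raise ValueError("fingerprint mismatch: refusing to trust this key")
    return "{} {} {}".format(",".join(names), keytype, b64)


# Constructed sample: a syntactically valid blob with dummy point bytes, not a real key.
_blob = (_ssh_string(b"ecdsa-sha2-nistp256") + _ssh_string(b"nistp256")
         + _ssh_string(b"\x04" + bytes(range(64))))
SAMPLE_PUBKEY = "ecdsa-sha2-nistp256 " + base64.b64encode(_blob).decode() + " root@host"
SAMPLE_FP = fingerprint(_blob)  # stands in for the value obtained out of band

if __name__ == "__main__":
    print(known_hosts_line(["host.example.org", "192.0.2.10"], SAMPLE_PUBKEY, SAMPLE_FP))
```

In practice `expected_fp` would come from the provisioning system or the host's console, and the returned line is what goes into the `key:` parameter of the known_hosts task.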