Remove line in host's known_host file through Vagrant

remove line from hosts file through bat script
powershell remove line from hosts file
bat add to hosts
edit hosts file windows 10 command line
windows override hosts file
script to copy new hosts file to all computers
windows host file command line
batch file to edit hosts file windows 10

I've narrowed down this question - regarding a MySQL over SSH connection only working once - to a conflicting line in my host computer's known_hosts file.

Essentially, I can not get into my Database GUI of choice because the key is different for the same IP address (after re-provisioning, reloading, etc.).

Once I delete any offending lines, I can get in just fine.

So, through Vagrant's shell command (that I'm provisioning with) how can I modify the host machine's ~/.ssh/known_hosts file?

EDIT: I found a temp fix that involves adding/creating a ~/.ssh/config file (this involves using a private IP address):

Host 192.168.*.*
    StrictHostKeyChecking no
    UserKnownHostsFile /dev/null

Should let you in. Not a real fix, as this kind of fix can be a security concern. Look below for much better answer.

Sorry for taking you away from what you need!

Changing HOST files from Vagrantfile:

What you actually want is very simple. Vagrantfile is interpreted by Vagrant each time you run vagrant command. It is regular ruby code, so if you want to change HOST file, all you need to do is to put in the Vagrantfile Ruby code that performs this change. Here's the example code I've put at the end of my Vagrantfile:

require 'tempfile' 
require 'fileutils'  

path = '~/.ssh/known_hosts' 
temp_file ='foo') 
begin, 'r') do |file|
    file.each_line do |line|
      if line !~ /REGEX_OF_LINE_YOU_WANT_TO_EXCLUDE/ then
        temp_file.puts line
  temp_file.rewind, path) 

Note to edit the code above by putting your own value for REGEX_OF_LINE_YOU_WANT_TO_EXCLUDE.

Hope I at least partially fixed my mistake by providing this answer :)

Original Answer

For anyone's (mine as well) future reference, I'm leaving part of the answer that refers to changing GUEST OS files or copying files to GUEST OS:

Vagrant provides couple of provisioners.

Solution number 1: For simple file copy you may use Vagrant file provisioner. Following code in your Vagrantfile would copy the file ~/known_hosts.template from your host system to VM's file /home/vagrant/.ssh/known_hosts

# Context -------------------------------------------------------
Vagrant.configure('2') do |config|
  # ...

  # This is the section to add ----------------------------------
  config.vm.provision :file do |file|
    file.source      = '~/known_hosts.template'
    file.destination = '/home/vagrant/.ssh/known_hosts'

File provisioner is poorly documented on Vagrant site, and we've got to thank @tmatilai who had answered similar question on serverfault.

Keep in mind that you should use absolute paths in destination field, and that copying is being performed by vagrant user, so file will have vagrant's owner:group.

Solution number 2: If you need to copy file with a root privileges, or really have to change the file without using templates, consider using well documented shell provisioner. File copying in this case would work only if you have the file placed in the folder visible from within the VM(guestOS), but you have all the power of shell.

Solution number 3: Though it would be overkill in this case, you might use very powerful Chef or Puppet as provisioners, and perform action via one of those frameworks. I know nothing about Puppet, and may talk only about Chef. Cookbook would be very simple. Create template file (.erb) with desired content, and then your recipe will just place the file where necessary. Of course you'll need a box with Chef packeges in it.

I need help to delete a line from host text file using batch script. File is located in C:\Windows\System32\drivers\etc. Name of file is host*. There is IP address on  The hosts file is a simple mapping of IP addresses and hostnames. Each entry goes on a newline, with the IP address (that’s the numerical address) first, followed by a space or tab character and

I use plain ssh to enter my machines in order to do provisioning:

$ ssh-add ~/.vagrant.d/insecure_private_key

With this setup the known hosts is bound to give problems, but I do not want to turn off the host key checking as I use that also for external hosts. Given my hosts include pattern foo, I did this on the shell:

$ ssh -i '' '/foo/d' ~/.ssh/known_hosts

Remove the empty '' argument after -i if you have GNU/linux host in stead of BSD/MacOSX.

You can then install the vagrant trigger plugin:

$ vagrant plugin install vagrant-triggers

And add the above snippet to the Vagrantfile (mind the backticks):

config.trigger.after :destroy do
   puts "Removing known host entries"
   `sed -i '' '/foo/d' ~/.ssh/known_hosts`

The file is truncated when you redirect output using > , before the sed command actually runs. BSD sed. Use sed -i .bak '/^127\.0\.0\.1[[:space:]]/d' hosts instead  That is because unlike batch's ability to easily add a line to a text file if needed, it can't easily delete a line. What you end up having to do is copy the hosts file, leaving out the line(s) you want to "delete", delete the original hosts file, and rename the copied file to the original hosts file's name.

This is what I do:

I define the IP_ADDRESS and DOMAIN_NAME variables at the top of the Vagrantfile.

Then inside Vagrant.configure I add:

config.trigger.after :destroy do |trigger| = "Removing known_hosts entries" = {inline: "ssh-keygen -R #{IP_ADDRESS}"} = {inline: "ssh-keygen -R #{DOMAIN_NAME}"}

I wrote a module a while back that provides a bunch of Cmdlets for managing the hosts file. It also supports tab completion of the hosts, which is  Modify Add, Remove - Windows Hosts File Locally and Remotely - PowerShell You can Modify Add, Remove - Windows hosts File Locally and Remotely using this PowerShell script.This script has 4 parts #1st part is about adding hosts records, in local computer or can we deployed via Login script in gpo.# 2nd part is to modify, replace or remove any host entr

Remove Line Containing String From Hosts File for All PCs in a Domain. Script Sharing. Recently we had to perform a server migration to a new datacenter. This will output the contents of %HOSTS% without any lines containing This won't tell you if the line you wanted to filter was in the file or not, but will give you a file without that address in it.

So its just easy to edit my hosts file via this batch script, but its very annoying to revert the change, becuz to get facebook back, i hav to delete  I need to remove one line of code in a Cisco 2811 router, without removing the entire ACL. I'm used to making these changes in firewalls, but have figured out it's a little different in the router.

To delete Windows Hosts file entries select the whole line and press the delete button on the keyboard. You may also add # in front of any line to  for removing a host, if you simply append a `n at the end of each line, then just write out the newLines as a text, it saves exponential work compared to simply writing over the files n times (# of lines)!

  • Oh, my freaking God! I completely missed "host" word! D: My answer is all about guest OS! (facepalm) I led you to totaly wrong direction. Sorry
  • Edited my answer. Now it's actually an answer to your question. Sorry for the inconvenience!
  • Thanks for the information! Will definitely look into it. Mitchell has replied on Github as I also filed a bug for this with some good information, basically explaining this is a bug that has been fixed in the git version of Vagrant, but no in the installer yet.
  • There also was a suggestion to use a ~/.ssh/config file with the selected IP (I was using a private IP, so that seems like it could work well too) to disable checking and storing in the known_hosts file for that given request. I appreciate the Hammer solution, and I'm currently strengthening my skills with Puppet and Chef as I go to understand your solution too. However, I'm having a lot of problems with Puppet right now even configuring a base webserver, so it may be some time before I can implement anything.
  • But if I disable host key checking only for local IPs (or that private IP I use over and over for all Vagrant) am I not still checking it on every other outbound request that setting isn't limited to?
  • do you mean $ sed -i '' '/foo/d' ~/.ssh/known_hosts instead of $ ssh -i '' '/foo/d' ~/.ssh/known_hosts ?