We Keep Coding

Azure Pipelines is it possible to run bash command with sudo? [duplicate]

I am trying to compile some sources using a makefile. In the makefile there is a bunch of commands that need to be ran as sudo.
When I compile the sources from a terminal all goes fine and the make is paused the first time a sudo command is ran waiting for password. Once I type in the password, make resumes and completes.
But I would like to be able to compile the sources in NetBeans. So, I started a project and showed netbeans where to find the sources, but when I compile the project it gives the error:
sudo: no tty present and no askpass program specified
The first time it hits a sudo command.
I have looked up the issue on the internet and all the solutions I found point to one thing: disabling the password for this user. Since the user in question here is root. I do not want to do that.
Is there any other solution?

Granting the user to use that command without prompting for password should resolve the problem. First open a shell console and type:
sudo visudo
Then edit that file to add to the very end:
username ALL = NOPASSWD: /fullpath/to/command, /fullpath/to/othercommand
eg
john ALL = NOPASSWD: /sbin/poweroff, /sbin/start, /sbin/stop
will allow user john to sudo poweroff, start and stop without being prompted for password.
Look at the bottom of the screen for the keystrokes you need to use in visudo - this is not vi by the way - and exit without saving at the first sign of any problem. Health warning: corrupting this file will have serious consequences, edit with care!

Try:
Use NOPASSWD line for all commands, I mean:
jenkins ALL=(ALL) NOPASSWD: ALL
Put the line after all other lines in the sudoers file.
That worked for me (Ubuntu 14.04).

Try:
ssh -t remotehost "sudo <cmd>"
This will remove the above errors.

After all alternatives, I found:
sudo -S <cmd>
The -S (stdin) option causes sudo to read the password from the standard input instead of the terminal device.
Source
Above command still needs password to be entered. To remove entering password manually, in cases like jenkins, this command works:
echo <password> | sudo -S <cmd>

sudo by default will read the password from the attached terminal. Your problem is that there is no terminal attached when it is run from the netbeans console. So you have to use an alternative way to enter the password: that is called the askpass program.
The askpass program is not a particular program, but any program that can ask for a password. For example in my system x11-ssh-askpass works fine.
In order to do that you have to specify what program to use, either with the environment variable SUDO_ASKPASS or in the sudo.conf file (see man sudo for details).
You can force sudo to use the askpass program by using the option -A. By default it will use it only if there is not an attached terminal.

Try this one:
echo '' | sudo -S my_command

For Ubuntu 16.04 users
There is a file you have to read with:
cat /etc/sudoers.d/README
Placing a file with mode 0440 in /etc/sudoers.d/myuser with following content:
myuser ALL=(ALL) NOPASSWD: ALL
Should fix the issue.
Do not forget to:
chmod 0440 /etc/sudoers.d/myuser

Login into your linux. Fire following commands. Be careful, as editing sudoer is a risky proposition.
$ sudo visudo
Once vi editor opens make the following changes:
Comment out Defaults requiretty
# Defaults requiretty
Go to the end of the file and add
jenkins ALL=(ALL) NOPASSWD: ALL

If by any chance you came here because you can't sudo inside the Ubuntu that comes with Windows10
Edit the /etc/hosts file from Windows (with Notepad), it'll be located at: %localappdata\lxss\rootfs\etc, add 127.0.0.1 WINDOWS8, this will get rid of the first error that it can't find the host.
To get rid of the no tty present error, always do sudo -S <command>

This worked for me:
echo "myuser ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
where your user is "myuser"
for a Docker image, that would just be:
RUN echo "myuser ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers

In Jenkins:
echo '<your-password>' | sudo -S command
Eg:-
echo '******' | sudo -S service nginx restart
You can use Mask Password Plugin to hide your password

Make sure the command you're sudoing is part of your PATH.
If you have a single (or multi, but not ALL) command sudoers entry, you'll get the sudo: no tty present and no askpass program specified when the command is not part of your path (and the full path is not specified).
You can fix it by either adding the command to your PATH or invoking it with an absolute path, i.e.
sudo /usr/sbin/ipset
Instead of
sudo ipset

Command sudo fails as it is trying to prompt on root password and there is no pseudo-tty allocated (as it's part of the script).
You need to either log-in as root to run this command or set-up the following rules in your /etc/sudoers
(or: sudo visudo):
# Members of the admin group may gain root privileges.
%admin ALL=(ALL) NOPASSWD:ALL
Then make sure that your user belongs to admin group (or wheel).
Ideally (safer) it would be to limit root privileges only to specific commands which can be specified as %admin ALL=(ALL) NOPASSWD:/path/to/program

I think I can help someone with my case.
First, I changed the user setting in /etc/sudoers referring to above answer. But It still didn't work.
myuser ALL=(ALL) NOPASSWD: ALL
%mygroup ALL=(ALL:ALL) ALL
In my case, myuser was in the mygroup.
And I didn't need groups. So, deleted that line.
(Shouldn't delete that line like me, just marking the comment.)
myuser ALL=(ALL) NOPASSWD: ALL
It works!

Running shell scripts that have contain sudo commands in them from jenkins might not run as expected. To fix this, follow along
Simple steps:
On ubuntu based systems, run " $ sudo visudo "
this will open /etc/sudoers file.
If your jenkins user is already in that file, then modify to look like this:
jenkins ALL=(ALL) NOPASSWD: ALL
save the file
Relaunch your jenkins job
you shouldnt see that error message again :)

This error may also arise when you are trying to run a terminal command (that requires root password) from some non-shell script, eg sudo ls (in backticks) from a Ruby program. In this case, you can use Expect utility (http://en.wikipedia.org/wiki/Expect) or its alternatives.
For example, in Ruby to execute sudo ls without getting sudo: no tty present and no askpass program specified, you can run this:
require 'ruby_expect'
exp = RubyExpect::Expect.spawn('sudo ls', :debug => true)
exp.procedure do
each do
expect "[sudo] password for _your_username_:" do
send _your_password_
end
end
end
[this uses one of the alternatives to Expect TCL extension: ruby_expect gem].

For the reference, in case someone else encounter the same issue, I was stuck during a good hour with this error which should not happen since I was using the NOPASSWD parameter.
What I did NOT know was that sudo may raise the exact same error message when there is no tty and the command the user try to launch is not part of the allowed command in the /etc/sudoers file.
Here a simplified example of my file content with my issue:
bguser ALL = NOPASSWD: \
command_a arg_a, \
command_b arg_b \
command_c arg_c
When bguser will try to launch "sudo command_b arg_b" without any tty (bguser being used for some daemon), then he will encounter the error "no tty present and no askpass program specified".
Why?
Because a comma is missing at the end of line in the /etc/sudoers file...
(I even wonder if this is an expected behavior and not a bug in sudo since the correct error message for such case shoud be "Sorry, user bguser is not allowed to execute etc.")

I was getting this error because I had limited my user to only a single executable 'systemctl' and had misconfigured the visudo file.
Here's what I had:
jenkins ALL=NOPASSWD: systemctl
However, you need to include the full path to the executable, even if it is on your path by default, for example:
jenkins ALL=NOPASSWD: /bin/systemctl
This allows my jenkins user to restart services but not have full root access

If you add this line to your /etc/sudoers (via visudo) it will fix this problem without having to disable entering your password and when an alias for sudo -S won't work (scripts calling sudo):
Defaults visiblepw
Of course read the manual yourself to understand it, but I think for my use case of running in an LXD container via lxc exec instance -- /bin/bash its pretty safe since it isn't printing the password over a network.

Using pipeline:
echo your_pswd | sudo -S your_cmd
Using here-document:
sudo -S cmd <<eof
pwd
eof
#remember to put the above two lines without "any" indentations.
Open a terminal to ask password (whichever works):
gnome-terminal -e "sudo cmd"
xterm -e "sudo cmd"

I faced this issue when working on an Ubuntu 20.04 server.
I was trying to run a sudo command from a remote machine to deploy an app to the server. However when I run the command I get the error:
sudo: no tty present and no askpass program specified
The remote script failed with exit code 1
Here's how I fixed it:
The issue is caused by executing a sudo command which tries to request for a password, but sudo does not have access to a tty to prompt the user for a passphrase. As it can’t find a tty, sudo falls back to an askpass method but can’t find an askpass command configured, so the sudo command fails.
To fix this you need to be able to run sudo for that specific user with no password requirements. The no password requirements is configured in the /etc/sudoers file. To configure it run either of the commands below:
sudo nano /etc/sudoers
OR
sudo visudo
Note: This opens the /etc/sudoers file using your default editor.
Next, Add the following line at the bottom of the file:
# Allow members to run all commands without a password
my_user ALL=(ALL) NOPASSWD:ALL
Note: Replace my_user with your actual user
If you want the user to run specific commands you can specify them
# Allow members to run specific commands without a password
my_user ALL=(ALL) NOPASSWD:/bin/myCommand
OR
# Allow members to run specific commands without a password
my_user ALL=(ALL) NOPASSWD: /bin/myCommand, /bin/myCommand, /bin/myCommand
Save the changes and exit the file.
For more help, read the resource in this link: sudo: no tty present and no askpass program specified
That's all.
I hope this helps

The solution to the problem is
If you came across this issue anywhere else apart from the Jenkins instance follow this from the 2nd step. The first step is for the user who is having issue with the Jenkins instance.
Go to Jenkins instance of Google Cloud Console.
Enter the commands
sudo su
visudo -f /etc/sudoers
Add following line at the end
jenkins ALL= NOPASSWD: ALL
Checkout here to understand the rootcause of this issue

No one told what could cause this error, in case of migration from one host to another, remember about checking hostname in sudoers file:
So this is my /etc/sudoers config
User_Alias POWERUSER = user_name
Cmnd_Alias SKILL = /root/bin/sudo_auth_wrapper.sh
POWERUSER hostname=(root:root) NOPASSWD: SKILL
if it doesn't match
uname -a
Linux other_hostname 3.10.17 #1 SMP Wed Oct 23 16:28:33 CDT 2013 x86_64 Intel(R) Core(TM) i3-4130T CPU # 2.90GHz GenuineIntel GNU/Linux
it will pop up this error:
no tty present and no askpass program specified

Other options, not based on NOPASSWD:
Start Netbeans with root privilege ((sudo netbeans) or similar) which will presumably fork the build process with root and thus sudo will automatically succeed.
Make the operations you need to do suexec -- make them owned by root, and set mode to 4755. (This will of course let any user on the machine run them.) That way, they don't need sudo at all.
Creating virtual hard disk files with bootsectors shouldn't need sudo at all. Files are just files, and bootsectors are just data. Even the virtual machine shouldn't necessarily need root, unless you do advanced device forwarding.

Although this question is old, it is still relevant for my more or less up-to-date system. After enabling debug mode of sudo (Debug sudo /var/log/sudo_debug all#info in /etc/sudo.conf) I was pointed to /dev: "/dev is world writable". So you might need to check the tty file permissions, especially those of the directory where the tty/pts node resides in.

I was able to get this done but please make sure to follow the steps properly.
This is for the anyone who is getting import errors.
Step1: Check if files and folders have got execute permission issue.
Linux user use:
chmod 777 filename
Step2: Check which user has the permission to execute it.
Step3: open terminal type this command.
sudo visudo
add this lines to the code below
www-data ALL=(ALL) NOPASSWD:ALL
nobody ALL=(ALL) NOPASSWD:/ALL
this is to grant permission to execute the script and allow it to use all the libraries. The user generally is 'nobody' or 'www-data'.
now edit your code as
echo shell_exec('sudo -u the_user_of_the_file python your_file_name.py 2>&1');
go to terminal to check if the process is running
type this there...
ps aux | grep python
this will output all the process running in python.
Add Ons:
use the below code to check the users in your system
cut -d: -f1 /etc/passwd
Thank You!

1 open /etc/sudoers
type sudo vi /etc/sudoers. This will open your file in edit mode.
2 Add/Modify linux user
Look for the entry for Linux user. Modify as below if found or add a new line.
<USERNAME> ALL=(ALL) NOPASSWD: ALL
3 Save and Exit from edit mode

I had the same error message when I was trying to mount sshfs which required sudo : the command is something like this :
sshfs -o sftp_server="/usr/bin/sudo /usr/lib/openssh/sftp-server" user#my.server.tld:/var/www /mnt/sshfs/www
by adding the option -o debug
sshfs -o debug -o sftp_server="/usr/bin/sudo /usr/lib/openssh/sftp-server" user#my.server.tld:/var/www /mnt/sshfs/www
I had the same message of this question :
sudo: no tty present and no askpass program specified
So by reading others answer I became to make a file in /etc/sudoer.d/user on my.server.tld with :
user ALL=NOPASSWD: /usr/lib/openssh/sftp-server
and now I able to mount the drive without giving too much extra right to my user.

Below actions work for on ubuntu20
edit /etc/sudoers
visudo
or
vi /etc/sudoers
add below content
userName ALL=(ALL) NOPASSWD: ALL
%sudo ALL=(ALL:ALL) NOPASSWD:ALL

I'm not sure if this is a more recent change, but I just had this problem and sudo -S worked for me.

systemclt services and ssh

I have a simple bash script that makes a call to a git repository on github (/home/user/simple_git.sh):
#!/bin/bash
# Change to the Git repoistory
cd /home/user/git/a_git_repo
remote=$(
git ls-remote -h origin master |
awk '{print $1}'
)
local=$(
git rev-parse HEAD
)
printf "Local : %s\nRemote: %s\n" $local $remote
It gives the following output:
Local : a10dc1d7d30ed67ed1e514a3c1ffc5a824cea14b
Remote: a10dc1d7d30ed67ed1e514a3c1ffc5a824cea14b
git authentication is done via ssh keys - the following is my my .bashrc
# ssh
eval `ssh-agent -s`
ssh-add
The script runs just fine as user as well as with sudo (by preserving the user environment) ie.
~/.simple_git.sh
or
sudo -E ~/simple_git.sh
However, I've still not yet found a way to run the script as a service (/etc/systemd/user/simple_git.service or /etc/systemd/system/simple_git.service)
[Unit]
Description=TestScript
[Service]
Type=simple
ExecStart=/home/user/simple_git.sh
I've tried running the systemctl command with the --user option as well as modifying visudo to include the line
Defaults env_keep += SSH_AUTH_SOCK
but to no avail. Everytime I check the status of the job:
Feb 21 23:16:00 alarmpi systemd[484]: Started TestScript.
Feb 21 23:16:01 alarmpi simple_git.sh[15255]: Permission denied (publickey).
Feb 21 23:16:01 alarmpi simple_git.sh[15255]: fatal: Could not read from remote repository.
Feb 21 23:16:01 alarmpi simple_git.sh[15255]: Please make sure you have the correct access rights
Feb 21 23:16:01 alarmpi simple_git.sh[15255]: and the repository exists.
Feb 21 23:16:01 alarmpi simple_git.sh[15255]: Local : a10dc1d7d30ed67ed1e514a3c1ffc5a824cea14b

Systemd is not running the service with your environment variables from your session. I would recommend you to
Use git using https, which will not require authentication (instead of ssh)
Create an unprotected "deploy key", which will be in standard location (~alarmpi/.ssh/id_rsa), which will get picked up by git automatically without ssh-agent.

At this time (working practise policy) it was not possible to use https to connect to github. While the idea of an unprotected deploy-key is useful I ended up using systemctl --user import-environment (wiki.archlinux.org/index.php/Systemd/User) to mange the issue at this time.

CentOS, mod_evasive log write permissions and email issue

i'm on CentOS 6.5 now,
installed mod_evasive some time ago but email notify and logging never worked...
into messages log i have many lines like this...
mod_evasive[4548]: Couldn't open logfile /var/log/httpd/evasive/dos-157.xxx.xxx.xxx: Permission denied
on CentOS I thought that the owner of the directory /var/log/httpd/evasive should be "apache" and that is with 755..
no way...
then, mailx is already installed and updated... someone says to see into mod_evasive20.c but i can't find this mod_evasive20.c file on my CentOS... where can be? is it possible to send with sendmail instead of mailx? thanks

On CentOS /var/log/httpd has permission 700 and is owned by root, so you need to move /var/log/httpd/evasive to /var/log/evasive and do:
chown 0:apache /var/log/evasive
chmod 770 /var/log/evasive
If you use SELinux:
semanage fcontext --add -t httpd_sys_rw_content_t "/var/log/evasive(/.*)?"
restorecon -r /var/log/evasive
And add this line to /etc/httpd/conf.d/mod_evasive.conf:
DOSLogDir /var/log/evasive

Ok, you're facing two problems, first file permission to mod_evasive logdir and second the mail command isn't found.
1) file permission to "DOSLogDir"
You must ensure the apache's user has execute and write permissions through the whole directory tree to target "DOSLogDir".
See this example from an ubuntu system
root#ubuntu:/var/log# ll
drwxr-xr-x 3 root adm 4096 Mar 10 14:06 apache2/
root#ubuntu:/var/log# ll apache2
drwxrwxr-x 2 root www-data 4096 Mar 10 14:25 mod_evasive/
root#ubuntu:/var/log# ll apache2/mod_evasive/
-rw-r--r-- 1 www-data www-data 5 Mar 10 14:25 dos-172.16.245.1
-rw-r--r-- 1 www-data www-data 5 Mar 10 14:19 dos-172.16.245.129
2) access mail binary
The mail binary is defined in mod_evasive20.c indeed, row 45 :
#define MAILER "/bin/mail %s"
Try to get a symlink on mailx to be used by mod_evasive
ln -s $(which mailx) /bin/mail

understood,
for whom have the same problem hope this helps...
if mod_evasive is not able to write on the dir it doesn't even send the email
so commented out the DOSLogDir and so it writes to tmp...
don't know if can use another directory but for the moment problem is solved

I had faced the same issue while creating new project into the centos7.
ErrorLog /var/log/httd/mydomain_error.log
CustomLog /var/log/httpd/mydomain_access.log
Solution:
You need to disable the SELinux and Your issue will be resolved.
FOr that you need to follow the following steps.
1) Check the SELinux Status
sestatus
OutPut will be like this
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
Mode from config file: enforcing
Policy MLS status: enabled
Policy deny_unknown status: allowed
Max kernel policy version: 31
2) Disable SELinux
You can temporarily change the SELinux mode from targeted to permissive with the following command:
sudo setenforce 0
You can see more here : https://linuxize.com/post/how-to-disable-selinux-on-centos-7/

Failed to add the host to the list of know hosts

Mac OSX Lion 10.7.
In an effort to get around weird environment stuff (homebrew wasn't installing wget, and I had all sorts of weird blocks and errors), I uninstalled zschrc and homebrew and a bunch of other stuff, then installed fish shell.
Now, whenever I try to push/pull to/from github, I get this error:
The authenticity of host 'github.com (204.232.175.90)' can't be established.
RSA key fingerprint is <string of colon-separated chars that I should probs keep private>.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/Users/sasha/.ssh/known_hosts).
So I tried to check the permissions of my ~./ssh folder, and got this, which looks fine to me:
-rw-r--r-- 1 sasha staff 97B Jul 9 22:56 config
-rw------- 1 sasha staff 1.7K May 16 2012 id_rsa
-rw-r--r-- 1 sasha staff 403B May 16 2012 id_rsa.pub
drwx------ 5 sasha staff 170B Jul 15 09:56 known_hosts
All that's in known_hosts is a pem file I used for ssh'ing (also with the "authenticity..." prompt) to an Amazon ec2 instance, though I tried copying id_rsa and id_rsa.pub there when things got desperate.
Any idea what's going on? I'd love to fix this so I don't get prompted all the many times I push/pull.
EDIT I followed these instructions successfully a while ago, so I do have my ssh keys on Github, and they're recognized, so that when I run ssh -T git#github.com, I get
Hi sashafklein! You've successfully authenticated, but GitHub does not provide shell access.
It seems to be exclusively my local computer that's unhappy with my ssh situation.

In your specific case, your known_hosts is a folder, so you need to remove it first.
For other people which experiencing similar issue, please check the right permission to your ~/ssh/known_hosts as it may be owned by different user (e.g. root). So you may try to run:
sudo chown -v $USER ~/.ssh/known_hosts
to fix it.

This is the solution i needed.
sudo chmod 700 ~/.ssh/
sudo chmod 600 ~/.ssh/*
sudo chown -R ${USER} ~/.ssh/
sudo chgrp -R ${USER} ~/.ssh/

For guys on Ubuntu, if you get this error:
Failed to add the host to the list of known hosts
Then simply delete the known_hosts file, and re-run your ssh. This will regenerate the known_host file with appropriate permissions, and add the remote host you are trying to ssh into to this file.

I think the OP's question is solved by deleting the ~/.ssh/known_hosts (which was a folder, not a file). But for other's who might be having this issue, I noticed that one of my servers had weird permissions (400):
-r--------. 1 user user 396 Jan 7 11:12 /home/user/.ssh/known_hosts
So I solved this by adding owner/user PLUS write.
chmod u+w ~/.ssh/known_hosts
Thus. ~/.ssh/known_hosts needs to be a flat file, and must be owned by you, and you need to be able to read and write to it.
You could always declare known_hosts bankruptcy, delete it, and continue doing things as normal, and connecting to things (git / ssh) will regenerate a new known_hosts that should work just fine.

Shouldn't known_hosts be a flat file, not a directory?
If that's not the problem, then this page on Github might be of some help. Try using SSH with the -v or -vv flag to see verbose error messages. It might give you a better idea of what's failing.

This command worked for me,
sudo chown -v $USER ~/.ssh/known_hosts
as mentioned by #kenorb.
The error was coming due to broken permissions, for the current user.

Okay so ideal permissions look like this
For ssh directory (You can get this by typing ls -ld ~/.ssh/)
drwx------ 2 oroborus oroborus 4096 Nov 28 12:05 /home/oroborus/.ssh/
d means directory, rwx means the user oroborus has read write and execute permission. Here oroborus is my computer name, you can find yours by echoing $USER. The second oroborus is actually the group. You can read more about what does each field mean here. It is very important to learn this because if you are working on ubuntu/osx or any Linux distro chances are you will encounter it again.
Now to make your permission look like this, you need to type
sudo chmod 700 ~/.ssh
7 in binary is 111 which means read 1 write 1 and execute 1, you can decode 6 by similar logic means only read-write permissions
You have given your user read write and execute permissions. Make sure your file permissions look like this.
total 20
-rw------- 1 oroborus oroborus 418 Nov 8 2014 authorized_keys
-rw------- 1 oroborus oroborus 34 Oct 19 14:25 config
-rw------- 1 oroborus oroborus 1679 Nov 15 2015 id_rsa
-rw------- 1 oroborus oroborus 418 Nov 15 2015 id_rsa.pub
-rw-r--r-- 1 oroborus root 222 Nov 28 12:12 known_hosts
You have given here read-write permission to your user here for all files.
You can see this by typing ls -l ~/.ssh/
This issue occurs because ssh is a program is trying to write to a file called known_hosts in its folder. While writing if it knows that it doesn't have sufficient permissions it will not write in that file and hence fail. This is my understanding of the issue, more knowledgeable people can throw more light in this.
Hope it helps

to me, i just do this :
rm -rf ~/.ssh/known_hosts
then :
i just ssh to the target host and all will be okay.
This only if you dont know, what permission and the default owner of "known_hosts" file.

just in case anyone else encounters this error message and the permissions on .ssh and .ssh/known_hosts look good.
My problem was that I had installed gh from snap and snap apps have limited access to the file system and apparently could not access .ssh. The solution is to remove the snap installation and install from apt.

It happened to me simply because of broken permissions. My user did not have read nor write access to that file. Fixing permissions fixed the problem

I generated the "ssh" key again and added to my git account. This worked for me.
Please find following commands to generate the "ssh-key":
$ ssh-keygen -t rsa -b 4096 -C "your_email#example.com"
-> This creates a new ssh key, using the provided email as a label.
Generating public/private rsa key pair.
-> When you're prompted to "Enter a file in which to save the key," press Enter. This accepts the default file location.
Enter a file in which to save the key (/home/you/.ssh/id_rsa): [Press enter]
-> At the prompt, type a secure passphrase. For more information, see "Working with SSH key passphrases"
Enter passphrase (empty for no passphrase): [Type a passphrase]
Enter same passphrase again: [Type passphrase again]
-> Your key is generated, to copy the key:
$ sudo cat /root/.ssh/id_rsa-pub
Hope this works!

For anyone interested, this one worked for me in Ubuntu:
Go to .ssh directory.
$ cd ~/.ssh
Remove the known_hosts file.
$ rm known_hosts
Re-push your Git changes.

I was having this issue and found that within ~/.ssh/config I had a line that read:
UserKnownHostsFile=/home/.ssh-agent/known_hosts
I just modified this line to read:
UserKnownHostsFile=~/.ssh/known_hosts
That fixed the problem for me.

It may be due to the fact that the known_hosts file is owned by another user i.e root in most cases.
You can visit the path directory given (/home/taimoor/.ssh/known_hosts in my case) and check if the root is the owner and change it to the default owner.
Example:
Error Description -
Before changing the owner -
After changing the owner -

"Failed to add the host to the list of know hosts"
Was also my error.
I tried chancing owner and rights.
And then i did see that it tried to write to "~/.ssh/known_hosts.d/"
Failed to add the host to the list of known hosts (~/.ssh/known_hosts.d/<hostname>).
if this also happens to you,
just create the folder:
mkdir ~/.ssh/known_hosts.d
chmod 700 ~/.ssh/known_hosts.d
While this wouldn't have Solved the Problem of the Original Poster, (since his system tryed to write to the "~/.ssh/known_hosts" file and not to an systemd directory like "~/.ssh/known_hosts.d/") i thought it would help others who searched for the same error message.
The difference is that when an system tries to write to an known_hosts file all host data will be contained there.
While in the directory it will create an file for each host in that directory.
For more info on such directories -> https://askubuntu.com/questions/7648/many-directories-have-a-d-suffix-extension-what-does-it-mean

#check permissions of directory and files.
ls -la ~/.ssh/
#in my case, ~/.ssh/known_hosts was owned by root.
sudo chown xxx:xxx ~/.ssh/known_hosts
#where xxx = my username
#then ssh to some server, the warning message will still appear until you have ssh'd in successfully once, to verify, exit and ssh in again.

Check permissions of the file, if it is good check parent directories
I had to correct
/home/sravindr/.ssh permissions which worked for me

it works with me when I tried the following commands
sudo chown $my_user .ssh/id_rsa
sudo chown $my_user .ssh/id_rsa.pub
sudo chown $my_user .ssh/known_hosts

This command worked for me,
sudo chmod +x ~/.ssh/known_hosts

I couldn't solve this despite all the above answers.
My solution was to move from ssh to https.

How do I change the owner/group of a file in my server?

I am getting a 500 error because the owner of some of my files is set incorrectly, its set at 0 0 when the rest are at 510 510?? How do I fix this, I've read something about ssh?

Yes, SSH is right. You need to use SSH to connect to your server (using openssh and the "ssh" program in Linux, or PuTTy in Windows) and issue the command webdestroya already posted:
$ ssh yourserver -l username <host>
OR
$ ssh yourserver [username#]<host>
And then issue the command to change your file permissions:
$ chown 510:510 thefile.file

chown 510:510 thefile.file

If it is a linux server, you can use the chown and chgrp commands to change the owner and group of a file.
You can also use the chmod command to change the permissions of a given file - EG: 777 means that everyone has access to a file (probably not what you want, just an example: