Bug #18645

Remote command fails due to HostKeyMismatch

Added by Duncan Innes 5 months ago. Updated 4 months ago.

Status:New
Priority:Normal
Assigned To:-
Category:-
Target version:Foreman - Team Ivan backlog
Difficulty: Pull request:
Bugzilla link:
Story points-
Velocity based estimate-

Description

Host has been deployed and Remote Execution tested with 'uptime' command scheduled. Working.

Host is rebuilt (same IP, MAC, hostname etc).

Remote Execution tested again with 'uptime' command. Fail.

Error message is:

Error initializing command: Net::SSH::HostKeyMismatch - fingerprint 84:2f:bc:c8:79:b8:2e:f8:50:8c:a0:66:39:62:88:d3 does not match for "192.168.122.5"

This is understandable as the new host will have a different fingerprint to the original one. Removing the offending entry in /usr/share/foreman-proxy/.ssh/known_hosts allows Remote Execution to run as expected. Should this manual stage be necessary? It's not such a niche thing to be doing (rebuilding hosts) with the advent of the "build'n'burn" mindset.

Should the old key be removed from foreman-proxy when the rebuild is initiated? Or perhaps a more robust method of key storage with the keys imported at registration time?

History

#1 Updated by Ivan Necas 4 months ago

  • Target version set to Team Ivan backlog

Also available in: Atom PDF