Bug #18645

Remote command fails due to HostKeyMismatch

Added by Duncan Innes about 1 year ago. Updated about 1 year ago.

Assigned To:-
Target version:Foreman - Team Ivan backlog
Difficulty: Pull request:
Bugzilla link:
Story points-
Velocity based estimate-


Host has been deployed and Remote Execution tested with 'uptime' command scheduled. Working.

Host is rebuilt (same IP, MAC, hostname etc).

Remote Execution tested again with 'uptime' command. Fail.

Error message is:

Error initializing command: Net::SSH::HostKeyMismatch - fingerprint 84:2f:bc:c8:79:b8:2e:f8:50:8c:a0:66:39:62:88:d3 does not match for ""

This is understandable as the new host will have a different fingerprint to the original one. Removing the offending entry in /usr/share/foreman-proxy/.ssh/known_hosts allows Remote Execution to run as expected. Should this manual stage be necessary? It's not such a niche thing to be doing (rebuilding hosts) with the advent of the "build'n'burn" mindset.

Should the old key be removed from foreman-proxy when the rebuild is initiated? Or perhaps a more robust method of key storage with the keys imported at registration time?

Related issues

Duplicated by Foreman Remote Execution - Bug #21449: Remote Execution engine: Error initializing command: Net:... New 10/25/2017


#1 Updated by Ivan Necas about 1 year ago

  • Target version set to Team Ivan backlog

#2 Updated by Alex Fisher 3 months ago

  • Duplicated by Bug #21449: Remote Execution engine: Error initializing command: Net::SSH::HostKeyMismatch - fingerprint 20:a9:b7:45:1a:b7:d6:42:1e:03:d1:1f:06:20:4c:e2 does not match for "" added

Also available in: Atom PDF