Bug #18645
openRemote command fails due to HostKeyMismatch
Description
Host has been deployed and Remote Execution tested with 'uptime' command scheduled. Working.
Host is rebuilt (same IP, MAC, hostname etc).
Remote Execution tested again with 'uptime' command. Fail.
Error message is:
Error initializing command: Net::SSH::HostKeyMismatch - fingerprint 84:2f:bc:c8:79:b8:2e:f8:50:8c:a0:66:39:62:88:d3 does not match for "192.168.122.5"
This is understandable as the new host will have a different fingerprint to the original one. Removing the offending entry in /usr/share/foreman-proxy/.ssh/known_hosts allows Remote Execution to run as expected. Should this manual stage be necessary? It's not such a niche thing to be doing (rebuilding hosts) with the advent of the "build'n'burn" mindset.
Should the old key be removed from foreman-proxy when the rebuild is initiated? Or perhaps a more robust method of key storage with the keys imported at registration time?
Updated by Alex Fisher over 6 years ago
- Has duplicate Bug #21449: Remote Execution engine: Error initializing command: Net::SSH::HostKeyMismatch - fingerprint 20:a9:b7:45:1a:b7:d6:42:1e:03:d1:1f:06:20:4c:e2 does not match for "172.17.0.101" added