Strict host key checking in SFTP

When you have multiple servers, such as a PR/DR pair, or an application running on a multi-node cluster, and strict host key checking is enabled by default on the OS, you might get the odd-looking error below.

You can fix it by editing the known_hosts file in the ssh directory.

[ unixuser ~] $ sftp  infadv@infadv.host.server.com
Connecting to sftp  infadv@infadv.host.server.com...
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The RSA host key for infadv.host.server.comhas changed,
and the key for the according IP address 1.123.123.12
is unknown. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
21:26:cd:12:4b:1e:36:d4:d2:54:45:88:a9:d4:67:8c.
Please contact your system administrator.
Add correct host key in /home/unixuser/.ssh/known_hosts to get rid of this message.
Offending key in /home/unixuser/.ssh/known_hosts:9
RSA host key for prinftrebi.treasury.corp.ge.com has changed and you have requested strict checking.
Host key verification failed.
Couldn't read packet: Connection reset by peer
[ unixuser ~] $

Solution:

Please follow the steps below on the source server (infadv@infadv.host.server.com) from which you are running sftp.

1. Take a backup of the existing file /home/unixuser/.ssh/known_hosts as /home/unixuser/.ssh/known_hosts_09102014.
2. Search for the pattern infadv@infadv.host.server.com in the /home/unixuser/.ssh/known_hosts file.
3. Comment out the entire line associated with infadv@infadv.host.server.com in the /home/unixuser/.ssh/known_hosts file.
4. Save the /home/unixuser/.ssh/known_hosts file.
5. Once you have saved the file, run sftp infadv@infadv.host.server.com.
6. The command prompts you to confirm whether to add the host key to the known_hosts file. Say yes, and the known_hosts file will be updated with the new key.
7. Now uncomment the section commented in step 3.
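
Steps 1 to 4 as a shell function. This is an added example, not code from the original post. known_hosts entries are keyed by host name rather than user@host, so it matches on infadv.host.server.com. The function names, the placeholder key material in make_sample and the assumption that host names are stored unhashed are all part of the example.

```shell
#!/bin/sh
# Added example, not from the original post. Entries in make_sample are constructed.

# retire_host_key FILE HOST
# Steps 1-4: back up FILE, then comment out each entry whose host field names
# HOST exactly ("host" or "[host]:port"). Prints how many entries were commented.
# Assumption: host names are stored unhashed (HashKnownHosts off).
retire_host_key() {
    kh_file=$1
    kh_host=$2
    [ -f "$kh_file" ] || { echo "no such file: $kh_file" >&2; return 1; }
    cp -p "$kh_file" "${kh_file}_$(date +%d%m%Y)" || return 1   # date-suffixed backup
    kh_tmp=$(mktemp "${kh_file}.XXXXXX") || return 1
    kh_count=$(awk -v host="$kh_host" -v out="$kh_tmp" '
        # Keep blanks, comments and @cert-authority/@revoked marker lines as-is.
        NF == 0 || /^[ \t]*[#@]/ { print > out; next }
        {
            hit = 0
            n = split($1, names, ",")          # field 1: comma-separated hosts
            for (i = 1; i <= n; i++)
                if (names[i] == host || index(names[i], "[" host "]:") == 1)
                    hit = 1
            if (hit) { print "#" $0 > out; count++ } else print > out
        }
        END { print count + 0 }
    ' "$kh_file") || { rm -f "$kh_tmp"; return 1; }
    cat "$kh_tmp" > "$kh_file" && rm -f "$kh_tmp"   # keep original mode and inode
    echo "$kh_count"
}

# Writes a constructed known_hosts file (placeholder key material) to $1.
make_sample() {
    cat > "$1" <<'EOF'
infadv.host.server.com,1.123.123.12 ssh-rsa AAAA-constructed-old-key
other-infadv.host.server.com ssh-rsa AAAA-constructed-other-key
[infadv.host.server.com]:2222 ssh-rsa AAAA-constructed-port-key
@revoked infadv.host.server.com ssh-rsa AAAA-constructed-revoked-key
# existing comment
EOF
}
```

Before answering yes at the prompt in step 6, compare the fingerprint sftp displays with one obtained from the server's administrator, since the warning cannot distinguish a legitimate key change from a man-in-the-middle. With OpenSSH, `ssh-keygen -R infadv.host.server.com` removes the stale entry in one step, including hashed entries, and saves the previous file as known_hosts.old.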

2 comments:

  1. Hi, I find reading this article a joy. It is extremely helpful and interesting and very much looking forward to reading more of your work.. drivelineretail.com

  2. If it weren't for the numerous authors who came before me and showed me what was possible, I wouldn't be writing; I learnt a lot from your essay. Well, I'm currently collaborating with assistance with dissertation writing to get some unique information and assistance. Yes, I am aware that we can see the strange error below, but we can resolve it by modifying the known host file located in the ssh directory.
