Quantum
Resolving Error Messages after Logging into a Storage Node for the First Time

Overivew

The first time you log into a Storage Node after installing a new node, replacing a node chassis, or decommissioning/replacing a node, you may see the following messages:

 

Message: "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!"

 

root@BRDNLCN01-mgmt:~# ssh 10.15.22.41
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
56:2e:b3:8e:a3:eb:ca:11:47:47:e8:ef:76:a4:47:cd.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:46
  remove with: ssh-keygen -f "/root/.ssh/known_hosts" -R 10.15.22.41
ECDSA host key for 10.15.22.41 has changed and you have requested strict checking.
Host key verification failed.


 

This message may initially cause concern, but it is nothing to worry about. Perform the procedure below to resolve the message.

Procedure

Do the following if you see the above message:

 

 

  1. Log in as root and run the following command:

# ssh-keygen -f "/root/.ssh/known_hosts" -R 10.15.22.41


 

The command specifies the filename of the key file as /root/.ssh/known_hosts and removes old keys belonging to 10.15.22.41 from the known host's file. The node displays the following output:

 

 

/root/.ssh/known_hosts updated.
Original contents retained as /root/.ssh/known_hosts.old

 

 

  1. Then create an SSH connection to the node:

# ssh 10.15.22.41

 

 

The following is an example of what you see when ssh’ing into a node without an entry in /root/.ssh/known_hosts:

 

 

The authenticity of host '10.15.22.41 (10.15.22.41)' can't be established.

ECDSA key fingerprint is 56:2e:b3:8e:a3:eb:ca:11:47:47:e8:ef:76:a4:47:cd.

Are you sure you want to continue connecting (yes/no)?

 

 

  1. Type yes to confirm that you want to connect and then press Enter.

Warning: Permanently added '10.15.22.41' (ECDSA) to the list of known hosts.
root@10.15.22.41's password:

 

 

An entry is added to /root/.ssh/known_hosts for 10.15.22.41.

 

Message: "Not replacing existing known_hosts file because of errors"

You can also receive an error if there are issues with the 'known_hosts' file. 

 

Example of the error:


# ssh-keygen -f "/root/.ssh/known_hosts" -R 10.15.22.92
line 248 too long: ...
/root/.ssh/known_hosts is not a valid known_hosts file.
Not replacing existing known_hosts file because of errors

 

 

Example of a corrupted known_hosts file:


# less /root/.ssh/known_hosts
(Go to bottom of the file)

|1|TkO1SVvBEIH15letm5g8k/8RCYs=|dWiQ9r0kd7V6+4MLPSgrwk1hbbw= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOAxnGnLvyh9m7dZF0ncbCyF2QEuSOmEb08KPuF0m/DA5eFFk53P3Ztk7tEQV+JjiW3xkNPKfq3udDfHVQAB53M=
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@
^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@|1|ooTCGuoLtRkdfFa1jRw4Kof2hR0=|T0rzpveTaXywmW6KRBYN5FXwQaI= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBE31X9gSdjCtANEnBngFa8G9HsCha/2ZJZk8kMVHjV5h9xLnj0Jez/g1RO91akncCoDaCzvHqqtJLVULNPDQw7o=
 

Procedure

The workaround is to rename or remove the known_hosts file. A new file will be created when you ssh into the next storage node. An alternative workaround is to replace the existing known_hosts file with the known_hosts.old file (if available).

 

 


This page was generated by the BrainKeeper Enterprise Wiki, © 2018