Red Hat IdM: Difference between revisions
From wiki.vacula.xyz
(Created page with "== Fix/Remove SSH Host Pubkey from IdM Record == Manifests as the following: [lvacula@example.com@jumpbox ~]$ ssh root@10.0.0.1 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@...") |
No edit summary |
||
| Line 1: | Line 1: | ||
== Fix/Remove SSH Host Pubkey from IdM Record == | == Fix/Remove SSH Host Pubkey from IdM Record == | ||
Manifests as the following: | Manifests as the following: | ||
[lvacula@example.com@jumpbox ~]$ ssh root@10.0.0.1 | <nowiki>[lvacula@example.com@jumpbox ~]$ ssh root@10.0.0.1 | ||
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | |||
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ | |||
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | |||
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! | |||
Someone could be eavesdropping on you right now (man-in-the-middle attack)! | |||
It is also possible that a host key has just been changed. | |||
The fingerprint for the ED25519 key sent by the remote host is | |||
SHA256:GoCT9/BWiOSs+gRXtwu2ZgaaaswtPc6YT7VmKOE5PL0. | |||
Please contact your system administrator. | |||
Add correct host key in /home/lvacula/.ssh/known_hosts to get rid of this message. | |||
Offending ED25519 key in /var/lib/sss/pubconf/known_hosts:3 | |||
Host key for 10.0.0.1 has changed and you have requested strict checking. | |||
Host key verification failed.</nowiki> | |||
Fix by running | Fix by running | ||
ipa host-mod --sshpubkey= host.example.com | ipa host-mod --sshpubkey= host.example.com | ||
Latest revision as of 03:12, 21 August 2025
Fix/Remove SSH Host Pubkey from IdM Record
Manifests as the following:
[lvacula@example.com@jumpbox ~]$ ssh root@10.0.0.1 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the ED25519 key sent by the remote host is SHA256:GoCT9/BWiOSs+gRXtwu2ZgaaaswtPc6YT7VmKOE5PL0. Please contact your system administrator. Add correct host key in /home/lvacula/.ssh/known_hosts to get rid of this message. Offending ED25519 key in /var/lib/sss/pubconf/known_hosts:3 Host key for 10.0.0.1 has changed and you have requested strict checking. Host key verification failed.
Fix by running
ipa host-mod --sshpubkey= host.example.com
