[SOLVED] How to recreate symlink

kafisatz

On two of my cluster nodes, I don't have a symlink for ssh_known_hosts (see screenshot).
How can I create such a symlink?
Do I need to delete the file in /etc/ssh or the one in /etc/pve/priv/ before creating the symlink?

I think ls -l should eventually show
Code:
ssh_known_hosts -> /etc/pve/priv/known_hosts

Hi,
did you manually change something that got the symlink removed? To recreate the symlink, you can move the current file to a backup file mv /etc/ssh/ssh_known_hosts /etc/ssh/ssh_known_hosts.bak and then recreate the symlink via cd /etc/ssh && ln -s /etc/pve/priv/known_hosts ssh_known_hosts.
 
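The backup-and-relink steps from the answer above, written as an idempotent shell function. This is an added example, not part of the original thread; the helper name ensure_link, the refusal to create a dangling link, and the timestamped fallback for an existing .bak file are assumptions of the example.

```shell
#!/bin/sh
# Added example (not from the thread): make LINK a symlink to TARGET.
# ensure_link is a hypothetical helper name. Paths are arguments so the
# function can be tried in a scratch directory before touching /etc/ssh.
ensure_link() {
    target=$1
    link=$2

    # Refuse to create a dangling link, e.g. when /etc/pve is not mounted.
    if [ ! -e "$target" ]; then
        echo "target $target does not exist; not changing $link" >&2
        return 1
    fi

    # Already a symlink to the right place: nothing to do.
    if [ -L "$link" ] && [ "$(readlink "$link")" = "$target" ]; then
        return 0
    fi

    # Anything else at LINK (a regular file, or a link pointing elsewhere)
    # is moved aside, matching the "mv ... .bak" step in the answer.
    if [ -e "$link" ] || [ -L "$link" ]; then
        backup="$link.bak"
        # Do not overwrite a backup left by an earlier run.
        if [ -e "$backup" ] || [ -L "$backup" ]; then
            backup="$link.bak.$(date +%Y%m%d%H%M%S)"
        fi
        mv -- "$link" "$backup" || return 1
    fi

    ln -s -- "$target" "$link"
}

# On a node, as root, the call matching the answer would be:
#   ensure_link /etc/pve/priv/known_hosts /etc/ssh/ssh_known_hosts
```

Afterwards, ls -l on the link path should show the arrow to the target, and the previous file is kept next to it with the .bak suffix.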
This worked like a charm, thanks. And you were much faster than reddit (where I got no answer in 15h) :)
After your answer, my understanding is that the file in /etc/pve/priv is the 'true file' and the file in /etc/ssh is the 'link'.

To answer your questions.
I broke two of my nodes (out of 3) and had to reinstall both of them and add them back to the cluster (and recreate all of ceph).....
 
I have just noticed this for my relatively new cluster as well.

No symlink on 2 of my 3 nodes.

Is this a bug? How is host key auth working if there is no known hosts file?
PVE internally just pins the host key now. you are free to implement whatever scheme you want for your manual connections. each node will put its own host key into /etc/pve/nodes/$NODE/ssh_known_hosts
 
Ok, so if I am readding a cluster node with the same name/IP/FQDN after removal and rebuild then I just run pvecm update certs on it after adding back in?
 
as part of joining it should do that automatically. if you've pinned the old host key somewhere you still need to update it there, but PVE itself doesn't care ;)
 
Ok then, shouldn't have an issue rejoining then as we haven't manually pinned any keys. To remove the dead node, we simply ran PVECM delnode XXXX and then removed the nodes folder from the cluster filesystem.
 
