This issue has been resolved. A former sysadmin disabled the ssh-rsa host keys. They have been re-enabled and the problem has been solved. While investigating this issue, it was discovered that Proxmox prefers broken keys (ssh-rsa) over less-broken keys (ed25519).
I have ALREADY reviewed the posts at:
THESE HAVE NOT HELPED THIS PROBLEM.
I have two Proxmox hosts, pve-hpg201 and pve-hpg501. When I access the web interface on pve-hpg201 (https://pve-hpg201:8006/) and I attempt to access the shell on host pve-hpg501, I receive the error message:
Every time I execute
Proxmox puts back
I have executed
I have executed
Something in Proxmox changed to cause this issue. I have no reason and no need to change ssh_known_hosts.
Any assistance with this issue is appreciated.
I have ALREADY reviewed the posts at:
https://forum.proxmox.com/threads/warning-remote-host-identification-has-changed.110186/https://forum.proxmox.com/threads/obsolete-ssh-host-key-certificates-how-to-bypass-ssh-known_hosts-bug-s.137809/#post-640203THESE HAVE NOT HELPED THIS PROBLEM.
I have two Proxmox hosts, pve-hpg201 and pve-hpg501. When I access the web interface on pve-hpg201 (https://pve-hpg201:8006/) and I attempt to access the shell on host pve-hpg501, I receive the error message:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!Someone could be eavesdropping on you right now (man-in-the-middle attack)!It is also possible that a host key has just been changed.The fingerprint for the ED25519 key sent by the remote host isSHA256:TRkDiZh9B/M6jE79QPw41xmgX6oPJf9YmpJHsHEMQhw.Please contact your system administrator.Add correct host key in /etc/pve/nodes/pve-hpg501/ssh_known_hosts to get rid of this message.Offending RSA key in /etc/pve/nodes/pve-hpg501/ssh_known_hosts:1 remove with: ssh-keygen -f "/etc/pve/nodes/pve-hpg501/ssh_known_hosts" -R "pve-hpg501"Host key for pve-hpg501 has changed and you have requested strict checking.Host key verification failed.Every time I execute
systemctl restart pve-cluster pvedaemon pveproxyProxmox puts back
/etc/pve/nodes/pve-hpg501/ssh_known_hosts with an apparently stale ssh-rsa key that seems to be causing this issue.I have executed
pvecm updatecerts -F and the problem still persists.I have executed
ssh-keygen -f "/etc/pve/nodes/pve-hpg501/ssh_known_hosts" -R "pve-hpg501" and now I receive an Error message stating: Host key verification failed. when attempting to connect.Something in Proxmox changed to cause this issue. I have no reason and no need to change ssh_known_hosts.
Any assistance with this issue is appreciated.
Last edited: