How do I update the RSA host key for Mesabi following the upgrade to CentOS 7.5?
During August 2018 Maintenance MSI staff upgraded Mesabi to CentOS 7.5. During the upgrade, the old RSA host keys for Mesabi were not preserved. As a result following the upgrade, users may experience the error below when trying to login to Mesabi.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
a6:2c:e9:7a:3b:6c:ad:fb:3e:45:2a:28:f9:5a:72:e3.
Please contact your system administrator.
Resolve this error by removing Mesabi from the known_hosts file. Run the command below on the login node:
ssh-keygen -R mesabi
You should now be able to login to Mesabi. You will be asked to add the new server fingerprint, type yes and press return. Below is a step by step example.
The host key (red text box in the image below) needs to match one of these four fingerprints. The fingerprints are shown in bold and are underlined.
MD5:a5:ad:db:b0:72:30:6e:97:55:91:4f:d9:f5:85:92:be host_ecdsa_ln0006 (ECDSA)
SHA256:oZ0OiPMttmoqZdUypnEbVifg3d0bbE+xQRdF54DIE7c host_ecdsa_ln0006 (ECDSA)
SHA256:wk1tznpw3DMPOKHVJ9jvPSt0izD0q+u99A2jeHlsT6c host_rsa_ln0006 (RSA)
MD5:9a:d4:97:38:29:8c:7e:b5:f4:7a:63:37:3b:0b:6c:4c host_rsa_ln0006 (RSA)
