12-18-2013 06:10 AM
We have recently gone through and replaced a number of our aging C650 Ironports with new X1070 security appliances. As these replaced in-production devices, they were configured with the same IP addresses and hostnames as the older ones. When we have gone back to our M670 Management Appliance, we are no longer retrieving reporting on the new devices. When we try to test connectivity to the devices in the security appliances feature, the M670 returns:
Error: The host key for X.X.X.X appears to have changed.
We have gone through the process of deleting the devices, committing the configs, then re-adding. We have also issued new SSH keys for the admin user on both the M670 and the X1070s, as well as new keys for the logconfig. Neither removed the error. Normally in other SSH deployments, we would remove the older keys from the .ssh\known_hosts, but I have not found that option.
12-18-2013 06:13 AM
Try this...
From the SMA (Security Management Appliance), log in, and visit the following from the GUI: Centralized Services -> Security Appliances
You will need to select the Appliance Name that has been updated.
You will need to "Establish Connection" again for this host. You will get the following error:
It is possible that someone is trying to hijack the encrypted connection to the remote host. Please use the logconfig->hostkeyconfig command to verify (and possibly update) the SSH host key for <<
This requires CLI access to the SMA appliance, and running the following:
> logconfig -> hostkeyconfig
Remove ALL keys associated with the IP address in question. Exit to the main CLI prompt, and COMMIT.
Return to the GUI: Centralized Services -> Security Appliances
Select the Appliance Name that has been updated.
Then also select "Test Connection".
Once complete, you will see:
Reporting capability check: OK
Tracking capability check: OK
Reporting service check: OK
Tracking service check: OK
Based on what is selected to be transferred from the appliance to the management host.
Hope this helps!
-Robert
(*If you have received the answer to your original question, and found this helpful/correct - please mark the question as answered, and be sure to leave a rating to reflect!)
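The error quoted in the answer asks that the host key be verified before it is updated. The following is an added example, not part of the original thread and not Cisco code: it computes the OpenSSH-style SHA256 fingerprint of an offered host key and compares it with a fingerprint obtained over a trusted channel. It assumes the key is available as an OpenSSH-format public key line; the function names and the sample keys are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct


def parse_key_line(line):
    """Return (algorithm, key blob) from '[host] <algo> <base64> [comment]'."""
    fields = line.split()
    for algo, b64 in zip(fields, fields[1:]):
        try:
            blob = base64.b64decode(b64, validate=True)
        except ValueError:  # not base64, so not the key field
            continue
        if len(blob) < 4:
            continue
        (name_len,) = struct.unpack(">I", blob[:4])
        # The blob starts with its own algorithm name; it must match the text field.
        if blob[4:4 + name_len] == algo.encode():
            return algo, blob
    raise ValueError("no well-formed SSH public key in line")


def sha256_fingerprint(line):
    """Fingerprint in the form OpenSSH prints: 'SHA256:' + unpadded base64 digest."""
    _, blob = parse_key_line(line)
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def key_matches(line, trusted_fingerprint):
    """True only if the offered key hashes to the fingerprint obtained out of band."""
    offered = sha256_fingerprint(line).encode()
    return hmac.compare_digest(offered, trusted_fingerprint.strip().encode())


def make_sample_line(host, raw_key):
    """Build a constructed ssh-ed25519 line for the demo (not a real appliance key)."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", len(raw_key)) + raw_key
    return f"{host} ssh-ed25519 {base64.b64encode(blob).decode()}"


# Constructed data: same address, different key, as after a hardware swap.
OLD_KEY_LINE = make_sample_line("192.0.2.10", bytes(range(32)))
NEW_KEY_LINE = make_sample_line("192.0.2.10", bytes(range(32, 64)))

if __name__ == "__main__":
    pinned = sha256_fingerprint(OLD_KEY_LINE)        # what the manager remembered
    from_console = sha256_fingerprint(NEW_KEY_LINE)  # stand-in for an out-of-band reading
    print("pinned key still valid:", key_matches(NEW_KEY_LINE, pinned))
    print("new key verified:      ", key_matches(NEW_KEY_LINE, from_console))
```

A mismatch against the old pinned fingerprint is expected after a hardware replacement; the stale entry should be removed only once the new key matches a fingerprint taken from the replacement device itself.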