maas-devel team mailing list archive

["Francis J. Lacoste" <francis.lacoste@xxxxxxxxxxxxx>]

On 12-04-25 11:17 AM, Michael Hughes wrote:
> Hi Francis. I'm continuing to test MAAS and seem to have what looks to
> me like an SSH error when I check juju's status:
> 
> $ juju status
> 
> The authenticity of host 'node1 (172.16.1.161)' can't be established.
> ECDSA key fingerprint is f7:9e:45:d4:1d:75:74:5d:ab:b8:b9:f3:c2:1e:ed:fc.
> Are you sure you want to continue connecting (yes/no)?
> 
> The documentation doesn't mention anything about this, so rather than
> typing 'yes' I figure it could be an anomaly you'd like to know about.
> The message is slowly scrolling on my terminal indefinitely. I did run
> ssh-keygen under my user account on the MAAS server prior to juju
> bootstrap, which appeared to complete successfully, and per your
> instructions I did not copy any ssh keys anywhere.
> 

Yeah, that's "normal". You never connected to the host, so its
fingerprints are not in your DB.

You might even get warnings about 'potential MITM attack', when you
reconnect to a host that has been reinstalled (and thus got a new SSH
host key).

That happens common when working with a small internal cloud (or MAAS).

I don't know of any good work-around.

Cheers

-- 
Francis J. Lacoste
francis.lacoste@xxxxxxxxxxxxx

Attachment: signature.asc
Description: OpenPGP digital signature