Ardian Fazri
Updated on
Tags :

Table of Content

id

Menyelesaikan masalah "Proxmox Remote Host Identification Has Changed"

Error Log: Proxmox Remote Host Identification Has Changed!

When I attempted to access the shell on one of the nodes that had just joined the cluster, an error like this appeared. The error log that shows up is actually more alarming than the title itself. If you're curious about how the complete log looks, it might be something like this:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the RSA key sent by the remote host is SHA256:<SHA256 code>. Please contact your system administrator.

It’s quite astonishing; there is a possibility that we might be experiencing a man-in-the-middle attack. If your server has been running for a long time and suddenly encounters this error, it needs further investigation. However, if the server in question is new, particularly if it doesn’t have any guest VMs or similar, it is likely just a misconfiguration when joining the node.

How to Resolve the "Remote Host Identification Has Changed" Issue in Proxmox

Here’s how to fix it. You can also find more information on the Proxmox forum. The link is (https://forum.proxmox.com/threads/warning-remote-host-identification-has-changed.110186/)[https://forum.proxmox.com/threads/warning-remote-host-identification-has-changed.110186/]

Here’s what you need to do:

  • SSH into the node whose certificate has changed, not the node that is performing the remote access. Typically, you can still access the node directly via SSH.
  • Run the command to update the certificate: pvecm updatecerts -F
  • Then, execute the command to restart the Proxmox daemon and proxy: systemctl restart pvedaemon pveproxy
  • Wait until the process is complete; usually, pvedaemon takes longer to restart.
  • After that, try accessing the shell remotely from the other node again.