Certificate Enrollment from RHV manager failed due to "Failed to connect to the host via ssh"

Solution Verified - Updated -

Issue

  • Certificate Enrollment failed with following error in the /var/log/ovirt-engine/host-deploy/ovirt-enroll-certs-ansible
2022-10-06 06:13:43 CDT - TASK [Gathering Facts] *********************************************************
2022-10-06 06:13:43 CDT - {
  "uuid" : "3fxxxxx4-6xxd-4xxa-8xxd-edxfxx02xe1x",
  "counter" : 6,
  "stdout" : "fatal: [x.x.x.x]: UNREACHABLE! => {\"changed\": false, \"msg\": \"Failed to connect to the host via ssh: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\\r\\n
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @\\r\\n
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\\r\\n
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!\\r\\n
Someone could be eavesdropping on you right now (man-in-the-middle attack)!\\r\\n
It is also possible that a host key has just been changed.\\r\\n
The fingerprint for the ECDSA key sent by the remote host is\\n
SHA256:S8IQFCi3ZMJDkg+4iG5HQzuteIrw7IB/Xu+78iSvywc.\\r\\n
Please contact your system administrator.\\r\\n
Add correct host key in /var/lib/ovirt-engine/.ssh/known_hosts to get rid of this message.\\r\\n
Offending ECDSA key in /var/lib/ovirt-engine/.ssh/known_hosts:4\\r\\n
Challenge/response authentication is disabled to avoid man-in-the-middle attacks.\\r\\n
root@10.xx.255.xxx: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).\", \"unreachable\": true}

Environment

  • Red Hat Virtualization 4.4

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content