While performing tasks in Quest Identity Manager for Unix, this error message is returned:
Cannot continue the task because a new SSH key was found on host. Update the SSH key and try again
The host key was changed or updated on the client machine and no longer matches the host key on record.
If an SSH host key is different than what is expected, it can indicate that the host is experiencing a 'man-in-the-middle'
attack. More commonly, however, it will simply indicate that the SSH host key has changed. When profiling, if you
have left the Automatically accept new SSH host keys check box checked, an error is displayed if an SSH host key
is found that is different than the one that is already cached on the server. When this option is cleared and a different
key is encountered, you will be prompted to accept the new key. For other actions, such as adding or deleting a
user, a changed host key will always result in an error.
Note: Quest Identity Manager for Unix caches SSH connections to improve performance when multiple
actions need to be performed against a host. Because of this, you might see unexpected behavior. For
example, if you profile a host and accept its public key, then update the host's public key and immediately
profile again, you will not be notified that a new key was found, or be prompted to accept the new key
until the SSH connection has been removed from the cache. When this happens, there is no cause for
alarm since the connection to the host is secure and the public key was verified when the connection
was made. Once the connection has been flushed from the cache, any subsequent host actions will be
aware of the new public key and you will be notified of a changed key, or prompted to accept the key,
depending on whether you manually or automatically accept new keys.
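Before accepting a changed key, compare its fingerprint with one obtained from the host's administrator over a separate channel. The following is an added example, not One Identity code, and it does not reflect how Identity Manager stores its cache: it classifies a presented key as matching, changed or new against a recorded SHA256 fingerprint in the form printed by `ssh-keygen -l`. The host name, key bytes and the `entry` and `make_blob` helpers are constructed for the example.

```python
import base64
import hashlib
import struct


def make_blob(key_type: str, raw_key: bytes) -> bytes:
    """Build an SSH wire-format public key blob (used only for constructed data)."""
    t = key_type.encode()
    return struct.pack(">I", len(t)) + t + struct.pack(">I", len(raw_key)) + raw_key


def parse_entry(line: str):
    """Parse 'host keytype base64blob' and check the blob declares the same type."""
    host, key_type, b64 = line.split()[:3]
    blob = base64.b64decode(b64, validate=True)
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n].decode() != key_type:
        raise ValueError("key type inside blob does not match declared type")
    return host, key_type, blob


def fingerprint(blob: bytes) -> str:
    """SHA256 fingerprint: unpadded base64 of the digest of the key blob."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def check_host(cache: dict, line: str) -> str:
    """Return 'match', 'changed' or 'new' for a presented key versus the record."""
    host, _, blob = parse_entry(line)
    if host not in cache:
        return "new"
    return "match" if cache[host] == fingerprint(blob) else "changed"


def entry(host: str, raw_key: bytes) -> str:
    """Format a known_hosts-style line from constructed ed25519 key bytes."""
    blob = make_blob("ssh-ed25519", raw_key)
    return f"{host} ssh-ed25519 {base64.b64encode(blob).decode()}"


# Constructed sample data: one host, its recorded key and a replacement key.
HOST = "unix01.example.test"
OLD = entry(HOST, bytes(range(32)))
NEW = entry(HOST, bytes(range(1, 33)))
CACHE = {HOST: fingerprint(parse_entry(OLD)[2])}

if __name__ == "__main__":
    print(check_host(CACHE, OLD), check_host(CACHE, NEW))
```

A result of "changed" is the condition behind the error above; accept the new key only after its fingerprint has been confirmed with whoever rotated it.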