Summary

Remote Execution on none Windows machines fails with the error ?The server's host key does not match the one PuTTY has?.

Symptoms

When performing Remote Execution on none Windows machines this fails with the following error message:

?SSH command summary:
plink.exe -t -batch -ln "<AccountName>" <MachineName> "<&- date"
Failure reason:
- Connection to the remote host failed due to a connection error.
Stderr:
WARNING - POTENTIAL SECURITY BREACH!

The server's host key does not match the one PuTTY has

cached in the registry. This means that either the

server administrator has changed the host key, or you

have actually connected to another computer pretending

to be the server.

The new rsa2 key fingerprint is:

ssh-rsa 2048 b0:33:76:16:83:08:73:9b:69:b8:9f:a8:ac:f4:40:30

Connection abandoned.


TCP command summary:
Failure reason:
- A socket error occurred (No connection could be made because the target machine actively refused it). Please inspect the process output to determine the cause of the error.

RPC command summary:
Failure reason:
- Failed to connect to the Service Manager on the remote device
Windows Error:
- The RPC server is unavailable.
Command:
- ndtrack.sh -t Machine -o UploadLocation=http://<MachineName>:80/ManageSoftRL/ -o LogModules=default -o includedirectory=/u* -o includedirectory=/apps?

Cause

This error is caused because the rsa2 key on the Admin machine does not match the key used on the target machine when connecting, this could be due to a hardware upgrade but the machine name has remained the same. The key is used to verify that the Admin machine is able to communicate with the target machine and is used before the credentials in the Password Store. Plink.exe is used to execute the command and can also be ran manually if required to test the connection using a different account.

Resolution

To resolve the error the old rsa2 key needs to be removed from the registry for the machine in question, once this has been done the next time the Remote task is ran a new valid key will be created.

The keys are stored in the following registry key for the user account that is performing the Remote task:

?Software\SimonTatham\PuTTY\SshHostKeys?

For example ?[HKEY_USERS\S-1-5-21-448539223-573765546-725345543-78144\Software\SimonTatham\PuTTY\SshHostKeys] ?

The following is an example key for a particular machine:

""rsa2@22:<MachineName/IP>"="0x23,0xaa907ad2137ca899f0aafd3d287442f94d2edc43d981cc65f11a55f71b9315c23bc45b2b8ed0b4b117771490f01c45423786851eaa6eb20110eb4d0e78f8b22b25d81d5b1b7473760034363cfb5a733aab1362016853702aa7ab93af4d02183d1a4ca499d2eee269c0b04c3181dda96c026fb17661c1616f79c40e4bdba5c5af8b9aa10a42dca0fae343804d83d8a3944cf7c2a7020018c7f2b1815d75964a49180569ad57e3671f861de78f28ad514f94cb015c0f588cb253a4a4a6add4c46a6960cb03d2bed61c5a1c57e489f81c7c26281356849ec36b6ec8e023e056f54b2187617e6a2e393a5242a979dc0b0069cfc10b138dcc86a392453cd6e361f777""

Additional Information

Additional information on Remote Execution can be located in the Discovery and Inventory Guide.