Hey Sam, Thank you for the help! Sadly, the problem appears to be unrelated...
Ran the upgrades and then tried to manually ssh again, but I wound up on the wrong host. It turns out that MAAS had stomped on the IP address with one of my Ceph Monitors' Auto Assigned addresses - ignoring the reserved range... Gotta figure that out next. MAAS Version 2.1.2+bzr5555-0ubuntu1 Derek DeMoss Dark Horse Comics, Inc. System Administrator I "Truth... Is where you seek it."-Lomar > On Feb 13, 2017, at 3:15 PM, Samuel Cozannet <[email protected]> > wrote: > > Hi Derek, > > You need to upgrade your Juju to 2.0.3 at least. This is a known issue (I am > all thumbs so can't find the LP ref right now but there are a bunch of > tickets about it) > > To do so, first upgrade your controller: > > sudo apt update && sudo apt upgrade > juju switch controller > juju upgrade-juju > > Then upgrade units of the model > > juju switch <model> > juju upgrade-juju > > If this doesn't work out for you, I had success with upgrading a controller > to 2.1-beta5 by adding the devel ppa, upgrading locally, upgrading the > controller, then the units. > > > Let us know how it gets for you, > Best > Sam > > On Feb 13, 2017 21:52, "Derek DeMoss" <[email protected] > <mailto:[email protected]>> wrote: > Hey All, > I'm getting a host key verification failure when I try to juju ssh to one of > my units. > > username@os-nuc-01:~/.ssh$ juju ssh postgresql/14 -v > OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug1: Connecting to <ip address> [<ip address>] port 22. > debug1: Connection established. > debug1: identity file /home/username/.local/share/juju/ssh/juju_id_rsa type 1 > debug1: key_load_public: No such file or directory > debug1: identity file /home/username/.local/share/juju/ssh/juju_id_rsa-cert > type -1 > debug1: identity file /home/username/.ssh/id_rsa type 1 > debug1: key_load_public: No such file or directory > debug1: identity file /home/username/.ssh/id_rsa-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1 > debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 > Ubuntu-4ubuntu2.1 > debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.1 pat OpenSSH* compat 0x04000000 > debug1: Authenticating to <ip address>:22 as 'ubuntu' > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug1: kex: algorithm: [email protected] > <mailto:[email protected]> > debug1: kex: host key algorithm: ecdsa-sha2-nistp256 > debug1: kex: server->client cipher: [email protected] > <mailto:[email protected]> MAC: <implicit> compression: none > debug1: kex: client->server cipher: [email protected] > <mailto:[email protected]> MAC: <implicit> compression: none > debug1: expecting SSH2_MSG_KEX_ECDH_REPLY > debug1: Server host key: ecdsa-sha2-nistp256 > SHA256:th86nMHQbr0RyuXXnsrBbeOs2JkchFl6gXVBY7p6S2k > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! > Someone could be eavesdropping on you right now (man-in-the-middle attack)! > It is also possible that a host key has just been changed. > The fingerprint for the ECDSA key sent by the remote host is > SHA256:th86nMHQbr0RyuXXnsrBbeOs2JkchFl6gXVBY7p6S2k. > Please contact your system administrator. > Add correct host key in /tmp/ssh_known_hosts736182584 to get rid of this > message. > Offending RSA key in /tmp/ssh_known_hosts736182584:7 > remove with: > ssh-keygen -f "/tmp/ssh_known_hosts736182584" -R <ip address> > ECDSA host key for <ip address> has changed and you have requested strict > checking. > Host key verification failed. > > > If I just do: ssh ubuntu@<unit ip address> it connects just fine. > > So my question is, where is Juju getting the original for > /tmp/ssh_known_hosts736182584:7 > > I've tried searching a bunch on my juju-controller machine, but I haven't > been able to find anything that looks like the problematic known_hosts file... > > All the other machines/units are juju ssh-able, and I have no idea why this > one would be different [other than the drive filled up from postgresql, and I > had to clear some WAL files before things got running again]. > > Any insight or help would be appreciated! > Derek DeMoss > Dark Horse Comics, Inc. > System Administrator I > "Truth... Is where you seek it."-Lomar > > > -- > Juju mailing list > [email protected] <mailto:[email protected]> > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/juju > <https://lists.ubuntu.com/mailman/listinfo/juju> >
-- Juju mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju
