Failed: No ECDSA host key is known for 192.168.2.5 and you have requested strict checking. Host key verification failed.

[violanted]

Hi All,

I have two Freenas and configured between them replication for 3 specific dataset.

The main freenas goes off on a cron job at 20:30

Instead the replica backup goes off soon after the replication last pull check is over.

Both systems goes automaticall on in the morning at 10:30am, I do this to save in consume of energy.

However since few days I see

Failed: No ECDSA host key is known for 192.168.2.5 and you have requested strict checking. Host key verification failed.

No matter if I re add the remote host key the error remain and I am not sure but i believe they are not longer synchronizing

How can I resolve this issue?

 

[dlavigne]

Was either system updated? If so, that would change the host key.

 

[violanted]

Was either system updated? If so, that would change the host key.

Good morning

Nope both systems are at the same OS level since replication was setup

The replication tasks configured on source main system starts at 11am and finish at 14:30 every day.

It pools data every 1 hour during that time frame.

What happened is that the destination system was configured to auto shutdown at 13:30 so during the replication timeframe

Since then the error appeared

I have corrected this to shutdown after the replication time

However since then even if I add a new host remote key the error remains and new data on source doesn’t seem to be replicated.

Thanks

 

[dlavigne]

Which FreeNAS version (on each side)?

 

[rvassar]

I'd try an manual ssh between the two hosts and see what error it throws. It may be as simple as deleting the old key, and accepting the new key. If you've done any ssh hardening (ala: https://stribika.github.io/2015/01/04/secure-secure-shell.html ) the upgrade may have overwritten your config and re-introduced a disabled host key.


Also... If you're residential, running split horizon DNS, your ISP may be doing "DNS error assist", and you may have inadvertently connected to a strange sshd. If the phrase "split horizon DNS" confuses you, you probably don't have it.