Ssh knownhosts not updating
All Mozilla sites and deployment should follow the recommendations below.
If you only have the fingerprint, you will have to write an extra step which verifies the downloaded public key with your fingerprint...--- # ansible playbook that adds ssh fingerprints to known_hosts - hosts: all connection: local gather_facts: no tasks: - command: /usr/bin/ssh-keyscan -T 10 register: keyscan - lineinfile: name=~/.ssh/known_hosts create=yes line= with_items: '' This is simply dumps output of a keyscan, yes. X:22 [INF][ SSH tunnel]: Tunnel Manager.wait_connection authentication error: Authentication error, unhandled exception caught in tunnel manager, please refer to logs for details [ERR][ SSH tunnel]: Authentication error opening SSH tunnel: Authentication error, unhandled exception caught in tunnel manager, please refer to logs for details [ERR][sshtunnel.py:notify_exception_error:233]: Traceback (most recent call last): File "/Applications/My SQLWorkbench.app/Contents/Resources/sshtunnel.py", line 265, in _connect_ssh look_for_keys=has_key, allow_agent=has_key) File "/Applications/My SQLWorkbench.app/Contents/Resources/libraries/paramiko/client.py", line 301, in connect t.start_client() File "/Applications/My SQLWorkbench.app/Contents/Resources/libraries/paramiko/transport.py", line 461, in start_client raise e SSHException: Incompatible ssh peer (no acceptable kex algorithm) [INF][ WBContext]: Connection to Helle Wolke cancelled by user: Tunnel connection cancelled Windows 8.1: [DB1][sshtunnel.py:wait_connection:446]: INFO: Connecting to SSH server at X. A workaround for anyone looking: sudo yum downgrade python-paramiko On fedora this produces: Installing : python-paramiko-1.10.1-2.fc20.noarch 1/2 Cleanup : python-paramiko-1.15.1-1.fc20.noarch 2/2 Verifying : python-paramiko-1.10.1-2.fc20.noarch 1/2 Verifying : python-paramiko-1.15.1-1.fc20.noarch So downgrading from python-paramiko-1.15.1-1 to 1.10.1-2 enables ssh tunnels to work again, without having to downgrade openssh openssh-clients openssh-server from 6.7 to 5.3. Suggested fix: update to the latest paramiko (1.15)I can confirm this is happing for me running Fedora 20 once all updates have been applied on a fresh OS install with workbench 184.108.40.20621 64 bit.I have been trying to configure an SFTP job in Tidal but keep getting the error "FTP JOB Failed : No known hosts provided - use Secure FTPConnection.Known Hosts to add some (safe), or set Server Validation to None (unsafe)." Other threads have mentioned changing the by adding SSLVLDCRT=n under the [config] section and recycling the service.Next, you will see a prompt asking for your password for the remote machine.After entering your password, you will be at a shell prompt for the remote machine.The assumption was the Tidal agent worked s – For SFTP Host validation, the location of the file containing the public Keys for the servers that SFTP connections will be established with.Provides a list of hosts and their associated public keys in the given file.What I haven not been able to find is what to do in order to add Known Hosts for SFTP jobs.The job is being created on a Windows install of Tidal.