今天打開 PVE 發現沒有辦法連上 noVNC 上方出現 無法連線到伺服器,不過測試了一下發現它自己的節點是正常的,所以由此可知伺服器是正常的,所以要解決的只有無法 VNC 的問題。
然後看了一下下方的 LOG 有顯示錯誤是 Host key verification failed. 所以看起來問題就是 key 檔案了。
解決方法
在不可以連上機器 noVNC 的那台主機上使用以下指令
- server-b-name:伺服器 B 的名稱
- server-b-ip-address:伺服器 B 的 IP 位置
/usr/bin/ssh -e none -o 'HostKeyAlias=server-b-name' root@server-b-ip-address /bin/true
所以像是我自己的
- 伺服器名稱:pve002
- IP 位置:192.168.10.12
就使用以下
/usr/bin/ssh -e none -o 'HostKeyAlias=pve002' [email protected] /bin/true
例外狀況
直接連線可能會出現 WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! 的問題,這邊只要依照它的建議使用指令 ssh-keygen -f "/etc/ssh/ssh_known_hosts" -R "pve002" 就可以了
root@pve001:~# /usr/bin/ssh -e none -o 'HostKeyAlias=pve002' [email protected] /bin/true @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the RSA key sent by the remote host is SHA256:2222Gacr34i4P9Qk1F+MfMCzFsY1X01xd4F4rfc60iU. Please contact your system administrator. Add correct host key in /root/.ssh/known_hosts to get rid of this message. Offending RSA key in /etc/ssh/ssh_known_hosts:9 remove with: ssh-keygen -f "/etc/ssh/ssh_known_hosts" -R "pve002" RSA host key for pve002 has changed and you have requested strict checking. Host key verification failed.
再連線一次就正常了
root@pve001:~# ssh-keygen -f "/etc/ssh/ssh_known_hosts" -R "pve002" # Host pve002 found: line 9 /etc/ssh/ssh_known_hosts updated. Original contents retained as /etc/ssh/ssh_known_hosts.old root@pve001:~# /usr/bin/ssh -e none -o 'HostKeyAlias=pve002' [email protected] /bin/true The authenticity of host 'pve002 (192.168.10.12)' can't be established. ECDSA key fingerprint is SHA256:O001Hhcb/FausYPjHpsyA/Mc4A+2/JiCGndgK9e9Vu4. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added 'pve002' (ECDSA) to the list of known hosts.
《AWS CDK 完全學習手冊:打造雲端基礎架構程式碼 IaC》
第 12 屆 iT 邦幫忙鐵人賽 DevOps 組冠的《用 CDK 定 義 AWS 架構》
第 11 屆 iT 邦幫忙鐵人賽《LINE bot 好好玩 30 天玩轉 LINE API》
一個熱愛分享的雲端工程師!