Aria Automation / Orchestrator manual (CLI) cluster upgrade from earlier versions to 8.14.x+ may fail due to SSH configuration
Article ID: 315177
Products
VMware Aria Suite
Issue/Introduction
Symptoms:
- The node which executes the upgrade may become split from the cluster
- In the upgrade log, you may see warnings related to host keys:
  - @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
  - IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
  - Someone could be eavesdropping on you right now (man-in-the-middle attack)!
  - It is also possible that a host key has just been changed.
Cause
- The cause may be a non-standard sshd_config (or sshd_config_effective), or the issue may be more widely seen if KB 326133 is not applied before manual upgrades.
- More testing is needed to determine which.
Resolution
This is a less common issue than KB 326063.
- Ensure System health is good for upgrade
- Apply KB 326063 if these files exist
- Also apply KB 326133
  - The key step from that KB is to enforce certain algorithms in /etc/ssh/sshd_config_effective (or sshd_config on older versions)
  - These are given as values to the options MACs and KexAlgorithms in that file.
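A pre-upgrade check for the step above, as an added example that is not part of the KB or of VMware's tooling: it reports whether MACs and KexAlgorithms are set explicitly in the global section of an sshd configuration file, so the values can be checked against what KB 326133 gives. The function names and the sample file are constructed for illustration, and the algorithm values in the sample are not the ones KB 326133 prescribes.

```shell
#!/bin/sh
# Print the first global (pre-Match) value of an sshd_config keyword.
# sshd uses the first value it reads for a keyword; keywords are case-insensitive.
sshd_directive() {  # $1 = keyword, $2 = config file
    awk -v want="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
        /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
        {
            line = $0; sub(/^[ \t]+/, "", line)
            if (!match(line, /[ \t=]+/)) next   # keyword with no value
            key = tolower(substr(line, 1, RSTART - 1))
            val = substr(line, RSTART + RLENGTH); sub(/[ \t]+$/, "", val)
            if (key == "match") exit            # settings after Match are conditional
            if (key == want) { print val; found = 1; exit }
        }
        END { exit (found ? 0 : 1) }
    ' "$2"
}

# Report both options named in the article; non-zero status if either is unset.
check_ssh_algos() {  # $1 = config file
    file=$1; rc=0
    for kw in MACs KexAlgorithms; do
        if val=$(sshd_directive "$kw" "$file"); then
            printf '%s: %s = %s\n' "$file" "$kw" "$val"
        else
            printf '%s: %s is NOT set explicitly\n' "$file" "$kw" >&2
            rc=1
        fi
    done
    return $rc
}

# Constructed sample (hypothetical contents, not the values from KB 326133):
# MACs is set, KexAlgorithms is only present as a commented-out line.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 22
macs hmac-sha2-256,hmac-sha2-512
#KexAlgorithms curve25519-sha256
Match User backup
    PasswordAuthentication no
EOF
check_ssh_algos "$sample" || echo "review this file before upgrading"
rm -f "$sample"
```

On an appliance node, pass /etc/ssh/sshd_config_effective (or sshd_config on older versions) as the argument; `sshd -T` prints the configuration sshd actually resolves, for comparison.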
Additional Information
Impact/Risks:
- No impact. These are recommended changes.