"Unable to get the Host Fingerprint, verify ESXi host connectivity or credentials or SSH access" error when trying to commission ESXi host from the SDDC Manager UI
search cancel

"Unable to get the Host Fingerprint, verify ESXi host connectivity or credentials or SSH access" error when trying to commission ESXi host from the SDDC Manager UI

book

Article ID: 415773

calendar_today

Updated On:

Products

VMware SDDC Manager

Issue/Introduction

  • The ESXi host commission in SDDC Manager UI fails with error : "Unable to get the Host Fingerprint, verify ESXi host connectivity or credentials or SSH access"
  • The SSH service on the host automatically terminates after the failure of the above task.
  • On SDDC Manager, in /var/log/vmware/vcf/operationsmanager/operationsmanager.log, the below error messages are seen:
     
    YYYY-MM-DDTHH:MM:SS DEBUG [vcf_om,################,####][c.v.e.s.c.util.LocalProcessService,http-nio-###.#.#.#-####-exec-8] Output:
YYYY-MM-DDTHH:MM:SS DEBUG [vcf_om, ################,#### [c.v.e.s.c.util.LocalProcessService,http-nio-###.#.#.#-####-exec-8] Error Output: /etc/ssh/ssh_config: line 20: Bad configuration option: permitrootlogin /etc/ssh/ssh_config: terminating, 1 bad configuration options
YYYY-MM-DDTHH:MM:SS DEBUG [vcf om,################,####] [c.v.evo.sddc.common.util.SshKeyScan,http-nio-###.#.#.#-####-exec-8] Fail to get host key for HOST_FQDN:22 with host key algorithms rsa-sha2-512, rsa-sha2-256
YYYY-MM-DDTHH:MM:SS ERROR[vcf om, ################,####] [c.v.e.sddc.common.util.SshKeyHelper,http-nio-###.#.#.#-####-exec-8] Failed to get SSH Host key type rsa for host: HOST_FQDN
YYYY-MM-DDTHH:MM:SS INFO [vcf om, ################,####] [c.v.e.s.c.c.v.esx.EsxCommandExecutor,http-nio-###.#.#.#-####-exec-8] Stopped SSH service on HOST_FQDN
YYYY-MM-DDTHH:MM:SS ERROR[vct_om,################,##### [c.v.v.h.c.s.i.CommissionHostsSpecValidator,http-nio-###.#.#.#-####-exec-8 Failed to get Host SSH Fingerprint for Host: HOST_FQDN

Environment

VMware Cloud Foundation 5.x

Cause

The parameter "PermitRootLogin" was added to the /etc/ssh/ssh_config file which is not a part of the default SSH configuration. 

Resolution

  • Take a snapshot of the SDDC manager virtual machine. 
  • SSH to SDDC manager with vcf and su to root
  • Edit the /etc/ssh/ssh_config file.
  • Comment out the parameter "PermitRootLogin" and and save the changes.
  • Restart the sshd service using the below command.
    • systemctl restart sshd
  • Start the SSH service on the ESXi host and proceed to commission the host from the SDDC Manager UI.
Powered by Wolken Software