Troubleshooting
Problem
SSH and any application that uses SSH to establish connections such as SCP, SFTP, and RSYNC fails to connect to an unmanaged QRadar appliance with an error such as "ERROR: Host key verification failed". This issue affects procedures such as copying QRadar SFS files to patch a host to match the Console's version before adding the appliance to the deployment.
Symptom
The SSH connection attempt fails with an error similar to the following:
ERROR: No ECDSA host key is known for <Remote Host IP> and you have requested strict checking.
ERROR: Host key verification failed.
Note: This is a separate issue from the error "ECDSA host key for X.X.X.X has changed and you have requested strict checking." For that error, see QRadar: SSH fails with error "Offending ECDSA key in /root/.ssh/known_hosts:"
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwtNAAQ","label":"Deployment"}],"ARM Case Number":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"All Versions"}]
Log InLog in to view more of this document
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.
Was this topic helpful?
Document Information
Modified date:
02 June 2023
UID
ibm16416585