IBM Support

QRadar: SSH to host fails with error "No ECDSA host key is known for <Remote Host IP> and you have requested strict checking"

Troubleshooting


Problem

SSH and any application that uses SSH to establish connections such as SCP, SFTP, and RSYNC fails to connect to an unmanaged QRadar appliance with an error such as "ERROR: Host key verification failed". This issue affects procedures such as copying QRadar SFS files to patch a host to match the Console's version before adding the appliance to the deployment.

 

Symptom

The SSH connection attempt fails with an error similar to the following:
ERROR: No ECDSA host key is known for <Remote Host IP> and you have requested strict checking.
ERROR: Host key verification failed.

Note: This is a separate issue from the error "ECDSA host key for X.X.X.X has changed and you have requested strict checking." For that error, see QRadar: SSH fails with error "Offending ECDSA key in /root/.ssh/known_hosts:"

Document Location

Worldwide

[{"Type":"MASTER","Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwtNAAQ","label":"Deployment"}],"ARM Case Number":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"All Versions"}]

Log InLog in to view more of this document

This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.

Document Information

Modified date:
02 June 2023

UID

ibm16416585