#1949 SSH host keys are not removed from cache when host is deleted in IPA
Closed: Fixed None Opened 9 years ago by jcholast.

If a host is deleted in IPA, its host keys stay in SSSD's cache. This can lead to ssh refusing to connect to a host after reinstall, because its new host keys do not match those provided by SSSD.

Aren't the key refreshed on a new connect ?

Usually yes, but they are not when the host entry in LDAP is gone.

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.10.0

Fields changed

changelog: =>
patch: 0 => 1
status: new => assigned

Under review upstream but Honza is currently busy with other tasks. Moving to 1.10.1

milestone: SSSD 1.10.0 => SSSD 1.10.1

milestone: SSSD 1.10.1 => SSSD 1.10.0

Fields changed

resolution: => fixed
status: assigned => closed

Metadata Update from @jcholast:
- Issue assigned to jcholast
- Issue set to the milestone: SSSD 1.10.0

5 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/2991

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.