A host fingerprint is a unique identifier for Bastionhost to identify a Linux host that uses SSH. Bastionhost checks the access permissions on hosts based on host fingerprints. This prevents malicious users from accessing unauthorized hosts by using traffic redirection. If the original fingerprints of hosts are invalid, you must clear the host fingerprints. Otherwise, you cannot perform O&M operations on the hosts. This topic describes how to clear host fingerprints.

Background information

Bastionhost uses a host fingerprint to uniquely identify a Linux host. If you clear the fingerprint of a host, no impacts are imposed on your O&M operations. The next time you maintain the host, Bastionhost automatically generates a new fingerprint for the host.

Clear the fingerprint of a single host

To clear the fingerprint of a single host, perform the following steps.

  1. Log on to the Bastionhost console.
  2. In the left-side navigation pane, choose Assets > Hosts.
  3. Find the host whose fingerprint you want to clear and click its name.
  4. On the Basic Info tab of the panel that appears, click Clear next to the host fingerprint. Clear the fingerprint of a single host
    After the fingerprint is cleared, a message indicating that the host fingerprint is reset appears, and No host fingerprint. is displayed in the Host Fingerprint section of the Basic Info tab.

Clear the fingerprints of multiple hosts at a time

To clear the fingerprints of multiple hosts at a time, perform the following steps.

  1. Find your bastion host and click Manage. For more information, see Log on to Bastionhost.
  2. In the left-side navigation pane, choose Assets > Hosts.
  3. On the Hosts page, select the hosts whose fingerprints you want to clear and choose Batch > Clear Host Fingerprint. Clear the fingerprints of multiple hosts at a time
  4. In the message that appears, click OK.
    After the operation is complete, a message indicating that the host fingerprints are reset appears.