A host fingerprint is the public key fingerprint of an SSH host. Bastionhost uses host fingerprints to verify that you are connecting to the real host, not an impersonator — preventing man-in-the-middle attacks such as eavesdropping and tampering.
When a Linux host's SSH public key changes (for example, after a system reinstallation), the stored fingerprint becomes invalid and Bastionhost blocks O&M access to that host. Clear the stale fingerprint to restore access. Clearing the host fingerprint does not affect your O&M operations. The next time you connect, Bastionhost automatically records the new fingerprint.
Prerequisites
Before you begin, ensure that you have:
A bastion host in the Bastionhost console
Clear the fingerprint of a single host
Log on to the Bastionhost console. In the top navigation bar, select the region in which your bastion host resides.
In the bastion host list, find the bastion host that you want to manage and click Manage.
In the left-side navigation pane, choose Assets > Hosts.
Find the host whose fingerprint you want to clear and click its name.
On the Basic Info tab of the panel that appears, click Clear next to the host fingerprint.
After the fingerprint is cleared, the message the host fingerprint is reset appears, and the Host Fingerprint field on the Basic Info tab displays No host fingerprint. The next time you perform O&M operations on this host, Bastionhost automatically records the new fingerprint.
Clear the fingerprints of multiple hosts
Log on to the Bastionhost console. In the top navigation bar, select the region in which your bastion host resides.
In the bastion host list, find the bastion host that you want to manage and click Manage.
In the left-side navigation pane, choose Assets > Hosts.
On the Hosts page, select the hosts whose fingerprints you want to clear and choose Batch > Clear Host Fingerprint.
In the dialog box that appears, click OK.
After the operation completes, the message The host fingerprint is reset appears for each selected host. The next time you perform O&M operations on any of these hosts, Bastionhost automatically records their new fingerprints.