SOLVED remote destination for backup not validating

[audrey]

Hi

I recently set up an AlmaLinux dedicated server to replace one of my Centos7 dedicated servers

I am trying to set up a remote SFTP destination in the WHM for the backup of my new server

I am backing up from
AlmaLinux v8.8.0 STANDARD standard
cPanel Version
110.0.6

to one of my other servers - remote destination
CentOS v7.9.2009 STANDARD standard cPanel Version
110.0.6
Nothing has changed on this server
One of the keys that I have tried to use has recently worked as a remote destination from another centos 7 server
The public and private keys are listed in the remote server's backup account in cpanel and authorized and are also listed in both servers root ssh keys

Below is the error that I am getting from the AlmaLinux server when I try to validate the destination When trying to validate the remote destination to the Centos server.
" Error: Validation for transport "SFTP" failed: No ECDSA host key is known for host.XXXXX.com and you have requested strict checking. Host key verification failed. "

the authorized keys are installed and authorized
cd /home/USERNAME/.ssh/
[root@host .ssh]# ls authorized_keys id_XXXXXX.pub id_XXXXXX.pub
id_XXXXXX id_XXXXXX putty

I have tried several different SSH keys - no luck.
I have tried both 4096 and 2048 keys
I have also tried PPK format for the private key

One of the keys that I tried to use has been working for a remote destination from my old Centos server to the same Centos server that the AlmaLinux server cannot SFTP to and it connected just fine.

I installed the RSA key on both WHMs and in the desired account on the Centos destination server.

I do not want to remove strict checking or make this any less secure.

Any advice would be greatfully appreciated

Thanks
Audrey

 

[cPRex]

Hey there! This error sounds like an SSH problem and not a key problem. This is like when you access a server for the first time and you have to type "yes" to approve the man-in-the-middle warning - that is the host key getting added to your local system's knownhosts file.

On a default cPanel server, we don't have StrictHostKeyChecking enabled, so I'm wondering if that has been added to your machine. Can you run this command and post the output here?

grep StrictHostKeyChecking /etc/ssh/sshd_config

 

[audrey]

Thanks for your help.

I ran the command on both servers and nothing shows up on either server
[root@host2 ~]# grep StrictHostKeyChecking /etc/ssh/sshd_config
[root@host2 ~]#

[root@host ~]# grep StrictHostKeyChecking /etc/ssh/sshd_config
[root@host ~]#

What is also wierd is that I use SSH keys to access both servers using winscp and penguinet.
The servers SSH keys work without any issues

 

[cPRex]

That is even more interesting. It might be best to create a ticket as I'm not finding much related to this specific error and the remote backup process.

 

[audrey]

I agree - this is interesting - thanks for trying to help me figure this out.

I will create a ticket for the Centos 7 server - and the cpanel person that gets the ticket can let me know if they need access to the AlmaLinux 8 server as well

Thanks again
Audrey

 

[cPRex]

If you can post the ticket number here once you've done that I can follow along as well.

 

[audrey]

HI cPRex

Hope you are having a nice day

cpanel ticket number 95065879

Problem is now solved.

Thanks for your help

Take Care
Audrey

 

[kodeslogic]

Glad that the issue is resolved.

 

[cPRex]

It sounds like my above suggestion ended up working, as this is what we found in the ticket:

"At this time, I can validate the destination. I temporarily disabled the Tweak Setting from WHM --> Tweak Settings "Enable strict SSH host key checking" validated and re-enabled the setting, and it still works. This allowed the host to be placed in the "known hosts" file on the destination. server Alternatively, you can do the same by logging in via SSH from the command line."