Tailscale SSH: host key mismatch
viperML opened this issue · 5 comments
When I try to distant launch on my remote server, I get the following error:
$ ssh shiva
[ayats@shiva:~]$ exit
logout
Connection to shiva closed.
$ ./distant launch ssh://shiva
Failed to launch server
Caused by:
Fatal: host verification: host key mismatch for ssh server shiva:22.
Got fingerprint SHA256:s0P68lmSjJRdKdfYEerWULJuZJSBPke5MJ1BavFMCG0 instead of expected value from known_hosts
file /home/ayats/.ssh/known_hosts.
Refusing to connect.
The SSH connection works fine if I call ssh directly. This might be related to using Tailscale SSH, which might conflict with how distant handles SSH, but I don't know if that is the issue here.
Follow-up:
It seems like distant doesn't like my existing known_hosts. Wiping it and letting it generate it seems to work. Here are the differences of the two files:
# known_hosts generated by distant:
shiva ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLS7vPnY0Oz6hUnlM8tKYFrstB+mWVQEv5ud1BZtv2qcO+zeT+99DGosBs4Wn/9/KIySI0yKwbUVlgtcejiStz4= shiva:22
# known_hosts generated by plain ssh:
shiva ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJNXXwAs1vdR3V6wiO3Z6PqhayOq/vUFjrI+nvyVBrb0
This is a bug that I've seen pop up in an earlier issue, and I'm not sure why it's happening, but the workaround you did is the same that was mentioned in that issue.
I'm assuming this is an issue with one of the two ssh client libraries - neither of which is written in Rust - we're using. Wondering if #193 will resolve this.
For now, what you've done is how to resolve it!
👍
Should I close the issue?
Sure, we can close it since you found a workaround.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.