Panorama, scheduled config export, failed exporting config bundle, no RSA host key is known

Panorama, scheduled config export, failed exporting config bundle, no RSA host key is known

3671
Created On 01/25/23 16:07 PM - Last Modified 08/15/24 19:10 PM


Symptom


In Panorama GUI
  • Navigate to Panorama > Scheduled Config Export
  • Add a new one or click on TACtest-export
  • Click on Test SCP Server Connection. You will prompted with the below message:
No ECDSA host key is known for 10.193.182.14 . Host key verification failed.
Do you want to add the following key for X.X.X.X?
Key Signature
2048 MD5:6e:ab:f6:96:59:b5:2b:42:72:d0:44:2c:d2:c7:1e:26 10.193.182.14 (RSA)

On Panorama CLI
  • Test scp server connectivity
test scp-server-connection initiate port 22 hostname X.X.X.X username XXXX password XXXXX
  • The below message will be received: 
Server error : No ECDSA host key is known for 10.193.182.14 .

Host key verification failed.

 

 

Environment


  • PAN-OS 10.2.0

Resolution


Workaround:
  • Use FTP for scheduled config export
  • Fixed in 10.2.2
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000kGWfCAM&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language