Hello,
i'm new on freeipa and i have some problems on my structure here.
I have two servers :
ipa-replica-manage -v list Directory Manager password:
server1.domain : master server2.domain : master
When i use the command :
# ipa-replica-manage -v list server2.domain server1.domain: replica last init status: None last init ended: 1970-01-01 00:00:00+00:00 last update status: Error (0) Replica acquired successfully: Incremental update succeeded last update ended: 2017-06-23 13:35:42+00:00
# ipa-replica-manage -v list server1.domain server2.domain: replica last init status: None last init ended: 1970-01-01 00:00:00+00:00 last update status: Error (0) Replica acquired successfully: Incremental update succeeded last update ended: 2017-06-23 13:36:42+00:00
There are no errors on the syncronization of this two servers.
But i have two strange behaviors on my structure.
1. I have network elements ( servers ) listed on server2. domain ( web ) and are no listed on server1.domain ( web )
And i many servers ( many of this are listed on server2 and not on server1 ), i receive this erro when i try to connect via ssh using the dns name :
# ssh app01 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the RSA key sent by the remote host is f5:21:f0:0c:b7:4b:cf:c4:f2:8f:9c:8a:75:d3:55:5c. Please contact your system administrator. Add correct host key in /root/.ssh/known_hosts to get rid of this message. Offending RSA key in /var/lib/sss/pubconf/known_hosts:4 RSA host key for app01 has changed and you have requested strict checking. Host key verification failed.
Anyone knows how to sync this two servers ? And about the ssh, how to solve this ?
Thanks,