Hello,
i'm new on freeipa and i have some problems on my structure here.
I have two servers :
ipa-replica-manage -v list
Directory Manager password:
server1.domain : master
server2.domain : master
When i use the command :
# ipa-replica-manage -v list server2.domain
server1.domain: replica
last init status: None
last init ended: 1970-01-01 00:00:00+00:00
last update status: Error (0) Replica acquired successfully: Incremental update succeeded
last update ended: 2017-06-23 13:35:42+00:00
# ipa-replica-manage -v list server1.domain
server2.domain: replica
last init status: None
last init ended: 1970-01-01 00:00:00+00:00
last update status: Error (0) Replica acquired successfully: Incremental update succeeded
last update ended: 2017-06-23 13:36:42+00:00
There are no errors on the syncronization of this two servers.
But i have two strange behaviors on my structure.
1. I have network elements ( servers ) listed on server2. domain ( web ) and are no listed on server1.domain ( web )
And i many servers ( many of this are listed on server2 and not on server1 ), i receive this erro when i try to connect via ssh using the dns name :
# ssh app01
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
f5:21:f0:0c:b7:4b:cf:c4:f2:8f:9c:8a:75:d3:55:5c.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending RSA key in /var/lib/sss/pubconf/known_hosts:4
RSA host key for app01 has changed and you have requested strict checking.
Host key verification failed.
Anyone knows how to sync this two servers ? And about the ssh, how to solve this ?