I don't want to attach an EIP to my chef-client


My Chef server is in a VPC. I want to execute this command without an EIP:

knife ec2 server create -r "role[test1]" -I ami-axxxxx --flavor t1.micro -x ubuntu --ssh-key JP_Key -Z us-east-1c --subnet subnet-c1b6d5a8 -g sg-b1e70bde -p 22 --fqdn mynewclientnode.example.com --tags Name=test_knife

I'm getting this error:

ERROR: Net::SSH::HostKeyMismatch: fingerprint 5f:4b:f6:4d:9b:8a:88:a0:9d:fd:9f:ea:5c:ad:31:ef does not match for "10.220.15.174"

10.220.15.174 is the IP of the newly launched instance.

When I attach an EIP, chef-client is installing.

Is there any way to do it?

There is 1 answer

sethvargo

This is not a Chef, knife, or AWS error. For security reasons, SSH stores the fingerprints of systems in a local cache the first time you connect. If that fingerprint changes (like if you re-provision a server using the same FQDN), SSH will throw this error. This is primarily to prevent MITM attacks (where you would be logging into a server that isn't what you think).

To fix this error, remove that fingerprint from your ~/.ssh/known_hosts file and run the command again.
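An added example, not part of the answer above and not Chef, knife, or Net::SSH code: Python that finds the cached entries for one host in known_hosts text, including hashed `|1|salt|hash` entries, and drops only those whose key differs from the fingerprint in the error. It assumes that fingerprint is the MD5 fingerprint of the key the server offered; the function names and the key blobs in the sample are constructed for illustration.

```python
import base64, hashlib, hmac

def md5_fingerprint(key_b64):
    """Colon-separated MD5 fingerprint of a base64 key blob (the format shown in the error)."""
    digest = hashlib.md5(base64.b64decode(key_b64)).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))

def host_matches(field, host):
    """True if a known_hosts host field names `host`.
    Handles exact names in a comma list and hashed entries; wildcard patterns are not expanded."""
    if field.startswith("|1|"):
        _, _, salt, digest = field.split("|")
        mac = hmac.new(base64.b64decode(salt), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(digest))
    return host in field.split(",")

def prune_stale(known_hosts_text, host, offered_fp):
    """Drop entries for `host` whose key does not match `offered_fp`.
    Returns (new_text, fingerprints_of_removed_entries)."""
    kept, removed = [], []
    for line in known_hosts_text.splitlines():
        parts = line.split()
        # Comments and @cert-authority/@revoked marker lines are kept untouched.
        if len(parts) >= 3 and not line.startswith(("#", "@")) and host_matches(parts[0], host):
            fp = md5_fingerprint(parts[2])
            if fp != offered_fp:
                removed.append(fp)
                continue
        kept.append(line)
    return "\n".join(kept) + "\n", removed

def hashed_field(host, salt):
    """Build a hashed host field the way HashKnownHosts stores it (used for the sample)."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

# Constructed sample data: placeholder key blobs, not real host keys.
OLD_KEY = base64.b64encode(b"constructed old host key").decode()
NEW_KEY = base64.b64encode(b"constructed new host key").decode()
SAMPLE = "\n".join([
    "10.220.15.174 ssh-rsa " + OLD_KEY,
    hashed_field("10.220.15.174", b"constructed-salt-20b") + " ssh-rsa " + OLD_KEY,
    "10.220.15.99 ssh-rsa " + OLD_KEY,
]) + "\n"

if __name__ == "__main__":
    text, gone = prune_stale(SAMPLE, "10.220.15.174", md5_fingerprint(NEW_KEY))
    print("removed:", gone)
    print(text, end="")
```

Confirm the offered fingerprint through a channel other than the SSH connection itself before pruning, since a mismatch is also what an intercepted connection looks like.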