Clearing PuTTY's Cache Of Host Finger Prints On Windows OS Event Sources
3 years ago
Originally Published: 2017-01-30
Article Number
000040073
Applies To
RSA Product Set: Security Analytics
RSA Product/Service Type: SA Log Collection 
RSA Version/Condition: 10.4.X,10.5.X,10.6.X
Issue
Unable to collect logs from Windows Operating System using file collection 
Received below error for sasftpagent -v command:

The server's host key does not match the one PuTTY has
cached in the registry. This means that either the server administrator has changed the host key, or you have actually connected to another computer pretending to be the server.
The new rsa2 key fingerprint is:
ssh-rsa 2048 23:59:f5:ca:ca:50:a9:0a:42:08:26:0e:4b:69:0b:56
Connection abandoned.

    User-added image
 
Cause
This is caused by a mismatch between the actual SSH key used by the LC/RLC and what is stored in the registry of the sftp agent machine
Resolution
To resolve the issue, follow the steps below

   1. Open the registry (regedit)

         User-added image
   2. Go to HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys

   3. Select SshHostKeys , right click and export.(This is for backup)

          User-added image  
   4. There you should see Putty’s cache of host keys.
       The ‘name’ column tells you which key is for which server.
       For example, it will have the format of @: [rsa2@22:YourhostIP]

   5. Delete the rows that you need. 

         User-added image
    6. Regenerate the SSH keys and update into LC/VLC

    7. Refer below Link to generate the SSH keys   
        https://community.rsa.com/docs/DOC-53125
 
Don't see what you're looking for?