Validating SSH Fingerprints
Veeam Backup & Replication treats fingerprints of Linux VMs and Linux hosts differently:
When you enable the Add unknown hosts to the list manually (more secure) option in Veeam Backup & Replication settings, Linux-based machines whose fingerprints are not stored in the Veeam Backup & Replication database or the known_hosts file become unable to communicate to the Veeam backup server. During discovery, Veeam Backup & Replication puts such machines to the Untrusted node. To start managing an untrusted computer, you need to validate its fingerprint manually in the Veeam Backup & Replication console.
To validate the SSH fingerprint:
- Open the Inventory view.
- In the inventory pane, expand the Virtual Infrastructure node and click Untrusted.
- In the working area, Veeam Backup & Replication will display a list of machines whose fingerprints need to be validated. Check fingerprints of the machines in the list and validate them in one of the following ways:
- To validate fingerprints of all untrusted machines at once, select the Untrusted node in the inventory pane and click Trust All on the ribbon. Alternatively, you can right-click the Untrusted node and select Trust all.
- To validate a fingerprint of a specific computer in the list, select the necessary computer in the working area and click Trust on the ribbon. Alternatively, you can right-click the computer and select Trust.
If the SSH public key fingerprint of a Linux host is changed, Veeam Backup & Replication places this host in the Unavailable node. To be able to use this server, do the following:
- In the Backup Infrastructure view, expand the Managed Servers node and select Unavailable.
- Right-click the Linux server and select Properties.
- In the SSH Connection step of the Edit Linux Server wizard, click Apply.
- In the pop-up dialogue window, click Yes to confirm that you trust this server.
- Click Finish to close the wizard.