If like me you manage a lot of Dell servers, IT Assistant can be a godsend (if somewhat clunky). As I installed and started to play with the features, I noticed I was unable to deploy updates to my Linux machines. The tasks would immediately fail with the following error:
File deploy command failed to execute with error message: The server's host key is not cached in the registry. The system may not be the same.
As I investigated, I noticed that most of the OpenManage processes were running as SYSTEM (or the LOCAL SYSTEM account). Therefore, if I used plink to cache the Linux server SSH keys in the registry of the Administrator, the IT Assistant process can't find them. Ah ha!
Luckily, there are two methods to solve this. The first method I'll provide will allow you to cache the SSH keys in the registry of the LOCAL SYSTEM account, the second (and recommended) method will make the OpenManage IT Assistant processes run under the Administrator account.
Method 1: (Dangerous)
To cache the keys in the registry of the Local System account, you'll need to download and install the PSTools from Microsoft, located
here. We're after psexec.exe.
After you download and extract the tools, open a cmd prompt, navigate to the pstools extraction folder and run the following command:
psexec.exe -s cmd.exe
To verify it worked, type whoami and you should see nt authority\system listed.
WARNING: You can do SERIOUS, IRREVERSIBLE damage to your system when logged in as this account. Do not delete or create any files.
Navigate to the folder where you installed the OpenManage IT Assistant - it's usually in C:\Program Files\Dell\SysMgt\ITAssistant\bin - and use plink.exe to cache each SSH host key in the registry.
Example:
The server's host key is not cached in the registry. You have no guarantee that the server is the computer you think it is.
The server's rsa2 key fingerprint is: ssh-rsa 2048 ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff
If you trust this host, enter "y" to add the key to PuTTY's cache and carry on connecting. If you want to carry on connecting just once, without adding the key to the cache, enter "n". If you do not trust this host, press Return to abandon the connection.
Store key in cache? (y/n) y
Once you're done adding all your SSH host keys, type exit to leave the LOCAL SYSTEM user's shell.
Method 2: (Preferred)
Using this method, we will simply change the service account that one of the IT Assistant processes runs under. Once we force the service to run as the Administrator account, we can then cache the SSH host keys into the registry of the Administrator rather than the LOCAL SYSTEM account.
To do this, start by closing any browser sessions you have open to the IT Assistant interface. Then, open the Administrative Tools - Services MMC and find the DSM IT Assistant Connection Service and double-click on it.
Select the This Account radio button and type in Administrator - then verify the password twice. Click apply, ok, and then right-click on the service and restart it.
Now, simply follow the plink.exe example above to cache all your Linux server SSH host keys in to the registry and you're done.
That's it! Good luck and happy updating!