From b608592b082854fe886a114f5b025baee7741e19 Mon Sep 17 00:00:00 2001 From: Casandra Qiu Date: Thu, 17 Dec 2015 10:46:13 -0500 Subject: [PATCH 1/2] Remove hostname from known_hosts file after set credentials --- xCAT-server/lib/xcat/plugins/credentials.pm | 3 +++ 1 file changed, 3 insertions(+) diff --git a/xCAT-server/lib/xcat/plugins/credentials.pm b/xCAT-server/lib/xcat/plugins/credentials.pm index 04c321c60..9a5360db1 100644 --- a/xCAT-server/lib/xcat/plugins/credentials.pm +++ b/xCAT-server/lib/xcat/plugins/credentials.pm @@ -320,6 +320,9 @@ sub process_request @filecontent=(); } } + `logger -t xcat -p local4.info "credentials: remove $client from known_hosts"` ; + system("ssh-keygen -R $client -f /root/.ssh/known_hosts"); + if (defined $rsp->{data}->[0]) { #if we got the data from the file, send the data message to the client xCAT::MsgUtils->message("D", $rsp, $callback, 0); From b07cd8aa15ee4262efff613db0b9646438ec2e58 Mon Sep 17 00:00:00 2001 From: Casandra Qiu Date: Fri, 15 Jan 2016 18:12:56 -0500 Subject: [PATCH 2/2] Remove changes in the credentials.pm and put fixes in the remoteshell --- xCAT-server/lib/xcat/plugins/credentials.pm | 3 --- xCAT/postscripts/remoteshell | 4 ++-- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/xCAT-server/lib/xcat/plugins/credentials.pm b/xCAT-server/lib/xcat/plugins/credentials.pm index 9a5360db1..04c321c60 100644 --- a/xCAT-server/lib/xcat/plugins/credentials.pm +++ b/xCAT-server/lib/xcat/plugins/credentials.pm @@ -320,9 +320,6 @@ sub process_request @filecontent=(); } } - `logger -t xcat -p local4.info "credentials: remove $client from known_hosts"` ; - system("ssh-keygen -R $client -f /root/.ssh/known_hosts"); - if (defined $rsp->{data}->[0]) { #if we got the data from the file, send the data message to the client xCAT::MsgUtils->message("D", $rsp, $callback, 0); diff --git a/xCAT/postscripts/remoteshell b/xCAT/postscripts/remoteshell index bc56b49a7..1a6e3cf4e 100755 --- a/xCAT/postscripts/remoteshell 
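Review bot: Both added commands interpolate `$client` into a string that a shell parses (the backtick `logger` call and the single-string `system("ssh-keygen -R $client ...")`), so any shell metacharacter in that value would be treated as shell syntax by a process that edits root's known_hosts. How `$client` is derived and validated is not visible in this hunk (process_request starts and ends outside it), so unless it is strictly checked as a hostname upstream, use the list forms, which bypass the shell: `system('logger', '-t', 'xcat', '-p', 'local4.info', "credentials: remove $client from known_hosts");` and `system('ssh-keygen', '-R', $client, '-f', '/root/.ssh/known_hosts');`. The exit status of `ssh-keygen` is also ignored, so a failed removal goes unnoticed. PATCH 2/2 on this page removes these lines again, so the point applies if 1/2 is applied or backported on its own.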
+++ b/xCAT/postscripts/remoteshell @@ -224,8 +224,8 @@ else fi rm /tmp/ssh_rsa_hostkey -# if there is a ecdsa host key on the node then download the replacement from the MN/SN -if [ -f /etc/ssh/ssh_host_ecdsa_key ]; then +# if node supports ecdsa host key then download the replacement from the MN/SN +if ssh-keygen -t ecdsa -f /tmp/ecdsa_key -P "" &>/dev/null ; then # download the host ecdsa key if [ $useflowcontrol = "1" ]; then #first contact daemon xcatflowrequest 3001
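Review bot: The new capability probe writes a passphrase-less private key to the fixed path `/tmp/ecdsa_key`, and nothing visible in this hunk removes it or its `.pub` afterwards (the body of the `if` continues outside the hunk). A fixed name in a world-writable directory can be pre-created by any local user, and a file left over from an earlier run would likely stop `ssh-keygen` at its hidden overwrite prompt, so the probe fails and the ECDSA host key is silently not replaced. Separately, `&>` is a bash extension: if this postscript runs under a POSIX `/bin/sh` such as dash (the shebang is not shown here), it is parsed as a background `&` followed by a redirect and the test always succeeds. I would probe in a private directory and use the portable redirect: `ecdsa_probe=$(mktemp -d)`, then `if ssh-keygen -t ecdsa -f "$ecdsa_probe/key" -P "" >/dev/null 2>&1 ; then`, with `rm -rf "$ecdsa_probe"` once the test has run.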