vCenter HA uses SSH keys for password-less authentication between the Active, Passive, and Witness nodes. The authentication is used for heartbeat exchange and file and data replication. To replace the SSH keys in the nodes of a vCenter HA cluster, you disable the cluster, generate new SSH keys on the Active node, transfer the keys to the passive node, and enable the cluster.
- Edit the cluster and change the mode to Disabled.
- Log in to the Active node by using the Virtual Machine Console or SSH.
- Enable the bash shell.
- Run the following command to generate new SSH keys on the Active node.
- Use SCP to copy the keys to the Passive node and Witness node.
- Edit the cluster configuration and set the vCenter HA cluster to Enabled.