diff --git a/xCAT/postscripts/remoteshell b/xCAT/postscripts/remoteshell
index fb8124440..bc56b49a7 100755
--- a/xCAT/postscripts/remoteshell
+++ b/xCAT/postscripts/remoteshell
@@ -281,6 +281,10 @@ if [ -f /etc/ssh/ssh_host_ecdsa_key ]; then
 	if ! grep "PRIVATE KEY" /etc/ssh/ssh_host_ecdsa_key > /dev/null 2>&1 ; then
    		rm /etc/ssh/ssh_host_ecdsa_key
 	else
+		# Because of openssh version differs, provisioning errors may happen when MN support ecdsa while CN don't ecdsa.
+		# Judge CN support ecdsa or not. "-t ecdsa" indicate the key type, "-P "" " avoid hang-on and wait for input passphrase when CN don't support ecdsa.
+		# If ture, means support ecdsa, then generate corresponding key.pub. 
+		# If false, remove ssh_host_ecdsa_key useless file, to avoid future errors.
 		if ssh-keygen -t ecdsa -y -f /etc/ssh/ssh_host_ecdsa_key -P "" &>/dev/null ; then
 			ssh-keygen -y -f /etc/ssh/ssh_host_ecdsa_key > /etc/ssh/ssh_host_ecdsa_key.pub
 			chmod 644 /etc/ssh/ssh_host_ecdsa_key.pub