Ever upgraded SSH, either due to a major patch or an operating system upgrade and run into the following?
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is 93:d4:93:67:fa:4e:53:7d:2c:aa:0d:4b:8e:60:4d:eb. Please contact your system administrator. Add correct host key in /<user home directory>/.ssh/known_hosts to get rid of this message. Offending key in /root/.ssh/known_hosts:4 RSA host key for host.example.com has changed and you have requested strict checking. Host key verification failed.
It used to be that the known_hosts file was human-readable, and you could simply edit it with your favorite editor, ssh to the remote host again and accept the new host key. But now that file is encrypted, so if you have multiple entries recorded there, you cannot easily identify which one you should remove. Enter ssh-keygen. You can use this command to remove entries from the known_hosts file in the following way:
% ssh-keygen -R hostname
If you also added a key based on the IP address, repeat this using that address, and then re-issue your ssh command and accept the new key. Done!
Advertisement
September 2, 2010 at 10:41
>> Offending key in /root/.ssh/known_hosts:4
Another way to solve this is:
nano +4 /root/.ssh/known_hosts
and press F9 to delete the line.
Save and exit.
September 2, 2010 at 14:03
As stated in the article, that would work *if* your known_hosts file is *not* encrypted. If it is, you’ll not know which entry you’re about to delete — you might get lucky though.
-Robert