/var/net/sys/admin/blog
| More

SSH Remote Host Identification has changed Error and Fixes

Normally you see this message by remotely accessing via ssh on target systems like Cisco, Juniper or Linux/Unix for possible reasons like:

a.The target systems’ hostname or IP address have changed, and previously belong to a different server which of course has a different public key
b. Server’s public key has changed like SSH reinstallation or update, OS reinstallation or the ssh keygen was being re-run.
c. Can be related to security like unauthorized access or middle in the man attack is happening

Sample:

[tux@jumphost1 ~]$ ssh freelinux
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
2c:46:b0:b5:67:2b:a7:a9:89:5a:cd:13:ff:36:db:b2.
Please contact your system administrator.
Add correct host key in /home/tux/.ssh/known_hosts to get rid of this message.
Offending key in /home/tux/.ssh/known_hosts:339
RSA host key for freelinux has changed and you have requested strict checking.
Host key verification failed.

Fix#1
Delete the offending key directly on the command line

[tux@SSH-01 ~]$ sed -i “339 d” ~/.ssh/known_hosts

Fix#2
Manually delete the line
a.using vi editor, go into the file

[tux@SSH-01 ~]$vi .ssh/known_hosts

b. go to line, e.g. 339
:339

c. delete the line with “dd” and save/exit
dd
Shift+zz ( or :wq!)

Fix#3
Delete the known_hosts file
[tux@SSH-01 ~]$rm .ssh/known_hosts

Fix#4
Remove keys using ssh-keygen -R option
(from man ssh-keygen)
-R hostname
Removes all keys belonging to hostname from a known_hosts file.
This option is useful to delete hashed hosts (see the -H option
above).

[tux@SSH-01 ~]$ssh-keygen -R hostname

Test after change:

tux@SSH-01 ~]$ ssh freelinux
The authenticity of host ‘freelinux(192.168.1.100)’ can’t be established.
RSA key fingerprint is 2c:46:b0:b5:67:2b:a7:a9:89:5a:cd:13:ff:36:db:b2.
Are you sure you want to continue connecting (yes/no)? yes

Share

Leave a comment

Name: (Required)

E-mail: (Required)

Website:

Comment:

 

About FLT

This site is dedicated to everyone who likes to learn and explore the beautiful world of Linux. If you have comments and suggestions, please feel free to email at freelinuxtutorials@gmail.com. I am happy to serve and share things esp. that is free and enjoyable as Linux.