ssh remote host identification has changed

Question

I\'ve reinstalled my server and I am getting these messages:

[user@hostname ~]$ ssh root@pong
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@           


        

Answer 1

My solution is:

1. vi ~/.ssh/known_hosts
2. delete the line that contains your want connected ip.

This is better than delete all of the known_hosts

Answer 2

updated your ssh key, getting the above message is normal.

Just edit ~/.ssh/known_hosts and delete line 4, as the message pointed you

Offending RSA key in /Users/isaacalves/.ssh/known_hosts:4

or use ssh-keygen to delete the invalid key

ssh-keygen -R "you server hostname or ip"

Answer 3

If you are trying to connect to running docker container on port 2222 with the command and you get the error

mian@tdowrick2~$ ssh pos@localhost -p 2222

Then to solve this problem, on your local computer (i.e. host machine not container) go to cd ~/.ssh/ and open known_hosts file with text editor. Remove the line starting with [localhost]:2222 and save the file. Now try to ssh again

mian@tdowrick2~$ ssh pos@localhost -p 2222

Error will disappear but you have to do it each time the container restart.

Answer 4

The problem is that you've previously accepted an SSH connection to a remote computer and that remote computer's digital fingerprint or SHA256 hash key has changed since you last connected. Thus when you try to SSH again or use github to pull code, which also uses SSH, you get an error. Why? Because you're using the same remote computer address as before but the remote computer is responding with a different fingerprint. Therefore, it's possible that someone is spoofing the computer you previously connected to. This is a security issue.

If you're 100% sure that the remote computer isn't compromised, hacked, being spoofed, etc then all you need to do is delete the entry in your known_hosts file for the remote computer. That will solve the issue as there will no longer be a mismatch with SHA256 fingerprint IDs when connecting.

On Mac here's what I did:

1) Find the line of output that reads RSA host key for servername:port has changed and you have requested strict checking. You'll need both the servername and potentially port from that log output.

2) Back up the SSH known hosts file cp /Users/yourmacusername/.ssh/known_hosts /Users/yourmacusername/.ssh/known_hosts.bak

3) Find the line where the computer's old fingerprint is stored and delete it. You can search for the specific offending remote computer fingerprint using the servername and port from step #1. nano /Users/yourmacusername/.ssh/known_hosts

4) CTRL-X to quit and choose Y to save changes

Now type ssh -p port servername and you will receive the original prompt you did when you first tried to SSH to that computer. You will then be given the option to save that remote computer's updated SHA256 fingerprint to your known_hosts file. If you're using SSH over port 22 then the -p argument is not necessary.

Any issues you can restore the original known_hosts file: cp /Users/yourmacusername/.ssh/known_hosts.bak /Users/yourmacusername/.ssh/known_hosts

Answer 5

Simple one-liner solution, tested on mac:

sed '/212.156.48.110/d' ~/.ssh/known_hosts > ~/.ssh/known_hosts

Deletes only the target ssh host IP from know hosts.

where 212.156.48.110 is replaced by the target host IP address.

Cause: Happened because the target IP was already known for a different machine due to port forwarding. Deleting the target IP before connecting will fix the issue.

Answer 6

My solution on UBUNTU (linux):

1.You have to delete the content from "known_hosts" file which is in "/home/YOUR_USERNAME/.ssh/known_hosts"

2.Generate a new ssh key like "ssh-keygen -t rsa -C "your.email@example.com" -b 4096"

3.Copy-paste your new ssh key in your git repository (gitlab in my case) SSH keys.

It works for me !