
SSH remote host identification has changed

lottogame 2020. 10. 4. 10:17


I reinstalled the server and now I get the following message:

[user@hostname ~]$ ssh root@pong
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
6e:45:f9:a8:af:38:3d:a1:a5:c7:76:1d:02:f8:77:00.
Please contact your system administrator.
Add correct host key in /home/hostname /.ssh/known_hosts to get rid of this message.
Offending RSA key in /var/lib/sss/pubconf/known_hosts:4
RSA host key for pong has changed and you have requested strict checking.
Host key verification failed.

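I have tried the various solutions I found on the Internet. My known_hosts file (normally ~/.ssh/known_hosts) is in /var/lib/sss/pubconf/known_hosts. I tried to edit it, but it stays in one state. I have installed ipa-client and am running Fedora 19. How do I resolve this warning?

All of the answers given so far only work if you don't have FreeIPA installed.

The correct answer for FreeIPA is here, below adrin's comment.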


Here is the simplest solution:

ssh-keygen -R <host>

For example:

ssh-keygen -R 192.168.3.10

From the ssh-keygen man page:

  • -R hostname: Removes all keys belonging to hostname from a known_hosts file. This option is useful to delete hashed hosts (see the -H option above).

Use

ssh-keygen -R [hostname]

An example with an IP address/hostname would be:

ssh-keygen -R 168.9.9.2

This will update the offending entry for your host in known_hosts. You can also provide the path to known_hosts with the -f flag.


I got the same error after recreating a Digital Ocean Ubuntu image. I used the following command with my server IP in place of [IP_ADDRESS]:

ssh-keygen -R [IP_ADDRESS]

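When you reinstall the server, its identity changes and you start getting this message. Ssh has no way of knowing whether you have changed the server it connects to, or whether a server-in-the-middle has been added to your network to sniff all your communications.

You just need to remove the key from known_hosts by deleting the relevant entry: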

sed '4d' -i /var/lib/sss/pubconf/known_hosts

The 4d is on account of Offending RSA ...known_hosts:4


The sledgehammer is to remove all known hosts at once:

rm ~/.ssh/known_hosts

I come up against this because I use a small subnet of short-lived servers from a jump box, with frequent internal IP address reuse by servers that share the same ssh key.


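The problem is that you have previously accepted an SSH connection to a remote computer, and that remote computer's digital fingerprint or SHA256 hash key has changed since you last connected. So when you try to SSH again, or use github to pull code that uses SSH, you get an error. Why? Because you are using the same remote computer address as before, but the remote computer is responding with a different fingerprint. Therefore, it is possible that someone is spoofing the computer you previously connected to. This is a security issue.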

If you're 100% sure that the remote computer isn't compromised, hacked, being spoofed, etc then all you need to do is delete the entry in your known_hosts file for the remote computer. That will solve the issue as there will no longer be a mismatch with SHA256 fingerprint IDs when connecting.

On Mac here's what I did:

1) Find the line of output that reads RSA host key for servername:port has changed and you have requested strict checking. You'll need both the servername and potentially port from that log output.

2) Back up the SSH known hosts file: cp /Users/yourmacusername/.ssh/known_hosts /Users/yourmacusername/.ssh/known_hosts.bak

3) Find the line where the computer's old fingerprint is stored and delete it. You can search for the specific offending remote computer fingerprint using the servername and port from step #1: nano /Users/yourmacusername/.ssh/known_hosts

4) CTRL-X to quit and choose Y to save changes

Now type ssh -p port servername and you will receive the original prompt you did when you first tried to SSH to that computer. You will then be given the option to save that remote computer's updated SHA256 fingerprint to your known_hosts file. If you're using SSH over port 22 then the -p argument is not necessary.

If there are any issues, you can restore the original known_hosts file: cp /Users/yourmacusername/.ssh/known_hosts.bak /Users/yourmacusername/.ssh/known_hosts
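
One way to make the "100% sure" condition in the answer above checkable, as an added example that is not part of the original answer: compare the key the host now presents with a fingerprint obtained out of band, in either the MD5 colon form shown in the warning or the SHA256 form. The key blobs are constructed and the function names are hypothetical.

```python
import base64
import hashlib
import struct

def fingerprints(key_b64):
    """Both fingerprint styles OpenSSH prints for a base64 public-key blob."""
    blob = base64.b64decode(key_b64)
    sha = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    md5 = hashlib.md5(blob).hexdigest()
    return {
        "sha256": "SHA256:" + sha,
        "md5": ":".join(md5[i:i + 2] for i in range(0, 32, 2)),
    }

def key_is_expected(presented_key_b64, trusted_fingerprint):
    """True only if the presented key matches a fingerprint obtained out of
    band (server console, provisioning output, administrator)."""
    fp = trusted_fingerprint.strip()
    if fp.upper().startswith("MD5:"):
        fp = fp[4:].lower()
    return fp in fingerprints(presented_key_b64).values()

def constructed_key(seed):
    """Constructed ssh-ed25519 blob for the demo: key type name + 32 bytes."""
    name, raw = b"ssh-ed25519", hashlib.sha256(seed).digest()
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", len(raw)) + raw
    return base64.b64encode(blob).decode()

# Constructed sample keys, not real host keys.
REINSTALLED = constructed_key(b"server after reinstall")
INTERPOSED = constructed_key(b"some other machine")
TRUSTED = fingerprints(REINSTALLED)["sha256"]  # stands in for the console reading

if __name__ == "__main__":
    print("reinstalled server:", key_is_expected(REINSTALLED, TRUSTED))
    print("unexpected machine:", key_is_expected(INTERPOSED, TRUSTED))
```

In practice the presented key is the base64 field of a line printed by ssh-keyscan, and the trusted fingerprint comes from running ssh-keygen -lf on the server's own host key file from its console.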


As many have already said, use ssh-keygen, i.e.

ssh-keygen -R pong

Also, you may like to consider temporarily turning off host key checking:

ssh -oStrictHostKeyChecking=no root@pong

Works for me!

Error: Offending RSA key in /var/lib/sss/pubconf/known_hosts:4

This indicates you have an offending RSA key at line no. 4

Solution 1:

1. vi /var/lib/sss/pubconf/known_hosts

2. remove line no: 4.

3. Save and Exit, and Retry.

Solution 2:

ssh-keygen -R "your server hostname or ip"

OR

Solution 3:

sed -i '4d' /root/.ssh/known_hosts

This will remove 4th line of /root/.ssh/known_hosts in place(-i).


I used the solution of mockinterface, though the sed -i didn't quite work; I solved it by deleting the line by hand with vim:

sudo vim /var/lib/sss/pubconf/known_hosts

You can use any other text editor you want, but probably you'll need to show your administrative privileges


This is because your remote computer settings have changed. Remove your current keys for that.

vim /root/.ssh/known_hosts

Delete the line of the IP you are connecting.


For Mac users, you can use the -R flag of the ssh-keygen command. Quick example:

ssh-keygen -R THE_IP_ADDRESS

THE_IP_ADDRESS being the IP you're trying to ssh into. And then you can connect fine.


The other answers here are good and working, anyway, I solved the problem by deleting ~/.ssh/known_hosts. This certainly solves the problem, but it's probably not the best approach.


In my case it happened because I previously had ssh connection with a machine with same ip(say 192.152.51.10) and the system was considering the RSA key(stored in /home/user_name/.ssh/known_hosts) of the previous host which resulted in mismatch.

To resolve this issue, you have to remove previously stored RSA key for the ip 192.152.51.10.

ssh-keygen -f "/home/user_name/.ssh/known_hosts" -R 192.152.51.10

Use this command:

truncate -s 0 /home/SYSTEM_NAME/.ssh/known_hosts

Remove the entry from known_hosts using:

ssh-keygen -R *ip_address_or_hostname*

This will remove the problematic IP or hostname from known_hosts file and try to connect again.

From the man pages:

-R hostname
Removes all keys belonging to hostname from a known_hosts file. This option is useful to delete hashed hosts (see the -H option above).


If you are trying to connect to running docker container on port 2222 with the command and you get the error

mian@tdowrick2~$ ssh pos@localhost -p 2222

Then to solve this problem, on your local computer (i.e. host machine not container) go to cd ~/.ssh/ and open known_hosts file with text editor. Remove the line starting with [localhost]:2222 and save the file. Now try to ssh again

mian@tdowrick2~$ ssh pos@localhost -p 2222

The error will disappear, but you have to do it each time the container restarts.
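
How the lookups behind these answers work, as an added example that is not part of the original thread: known_hosts may store a name in the hashed form the man page text mentions, and a non-default port as [localhost]:2222, so the function below matches both before removing anything. The sample file, salt and function names are constructed for illustration.

```python
import base64
import hashlib
import hmac

def host_token(host, port=22):
    """Name as OpenSSH stores it: bare for port 22, [host]:port otherwise."""
    return host if port == 22 else f"[{host}]:{port}"

def hash_host(token, salt):
    """Hashed form: |1|b64(salt)|b64(HMAC-SHA1(key=salt, msg=token))."""
    mac = hmac.new(salt, token.encode(), hashlib.sha1).digest()
    return f"|1|{base64.b64encode(salt).decode()}|{base64.b64encode(mac).decode()}"

def entry_matches(hosts_field, token):
    if hosts_field.startswith("|1|"):
        _, _, salt_b64, mac_b64 = hosts_field.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), token.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    # Exact names only; wildcard patterns are outside this example.
    return token in hosts_field.split(",")

def split_entries(text, host, port=22):
    """Return (kept_lines, removed), removed being [(line_no, line)] for host."""
    token = host_token(host, port)
    kept, removed = [], []
    for no, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if fields and not line.startswith("#"):
            if fields[0].startswith("@"):  # @cert-authority / @revoked marker
                fields = fields[1:]
            if fields and entry_matches(fields[0], token):
                removed.append((no, line))
                continue
        kept.append(line)
    return kept, removed

SALT = b"constructed-salt-20b"  # constructed salt, not from a real file
SAMPLE = "\n".join([
    "# constructed sample, not real host keys",
    hash_host("192.168.3.10", SALT) + " ssh-ed25519 AAAAconstructedkey1",
    "[localhost]:2222 ssh-ed25519 AAAAconstructedkey2",
    "pong,10.0.0.4 ssh-rsa AAAAconstructedkey3",
])
```

A plain text search for 192.168.3.10 finds nothing in the sample because that entry is hashed, which is why the hand-editing answers can miss it while a hash-aware lookup reports it on line 2.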


Edit /home/hostname /.ssh/known_hosts, and delete the 4 lines, and save it.

Then run ssh root@pong again, you will see message like this: Are you sure you want to continue connecting (yes/no)? yes, just print yes.

Note: If you got some problem, read the hints first, it will help.


Only client side problem (duplicate key for ip):

Solve variants:

For clear one ip (default port 22):

ssh-keygen -f ~/.ssh/known_hosts -R 7.7.7.7

For one ip (non default port):

ssh-keygen -f ~/.ssh/known_hosts -R "[7.7.7.7]:333"

Fast clear all ips:

cd ~; rm .ssh/known_hosts

7.7.7.7 - ssh your server ip connect

333 - non standard port


Sometimes, if for any reason, you need to reinstall a server, when connecting by ssh we will find that your server says that the identification has changed. If we know that it is not an attack, but that we have reinstated the system, we can remove the old identification from the known_hosts using ssh-keygen:

ssh-keygen -R <host/ip:hostname>
root/.ssh/known_hosts updated.
Original contents retained as /root/.ssh/known_hosts.old

When connecting again we will ask you to validate the new fingerprint:

ssh -l user <host/ip:hostname>
The authenticity of host '<host/ip:hostname>' can't be established.
RSA key fingerprint is 3f:3d:a0:bb:59:24:35:6d:e5:a0:1a:3f:9c:86:81:90.
Are you sure you want to continue connecting (yes/no)? yes

Just do:

cd /home/user/.ssh/ -> here user will be your username, i.e. /home/jon/ for example.

Then

gedit known_hosts & and delete the contents inside it.

Now ssh again, it should work.


I had this problem, and the reason is very simple, I have a duplicated IP address to ssh login, so after modify this problem, everything is solved.


I had the same error in my machine, and I clear the authorized_keys and known_hosts file, and after that, it works fine.


My solution is:

  1. vi ~/.ssh/known_hosts
  2. delete the line that contains the ip you want to connect to.

This is better than deleting all of the known_hosts


SOLUTION:

1- delete from "$HOME/.ssh/known_hosts" the line referring to the host towards which is impossible to connect.

2- execute this command: ssh-keygen -R "IP_ADDRESSorHOSTNAME" (substitute "IP_ADDRESSorHOSTNAME" with your destination ip or destination hostname)

3- Retry ssh connection (if it fails please check permission on .ssh directory, it has to be 700)


My solution on UBUNTU (linux):

1. You have to delete the content from "known_hosts" file which is in "/home/YOUR_USERNAME/.ssh/known_hosts"

2. Generate a new ssh key like "ssh-keygen -t rsa -C "your.email@example.com" -b 4096"

3.Copy-paste your new ssh key in your git repository (gitlab in my case) SSH keys.

It works for me !

Reference URL: https://stackoverflow.com/questions/20840012/ssh-remote-host-identification-has-changed
