Removing a key from the Known Hosts file

Example: Sometimes you want to connect to a machine using the same address as a decommissioned one. And guess what? The keys have been decommisioned as well. If you try to SSH into the machine, you'll be prevented with an error such as this:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX.
Please contact your system administrator.
Add correct host key in /home/user/.ssh/known_hosts to get rid of this message.
Offending RSA key in /home/user/.ssh/known_hosts:3

This means that key number 3 in your known_hosts file is the offending key and has to be removed.

This is the right way to remove a key from your Known Hosts file (usually ~/.ssh/known_hosts):

ssh-keygen -f ~/.ssh/known_hosts -R machine.address

You may need to repeat the command using the IP address instead of a network name.