Removing a key from the Known Hosts file

Fonte: TecPorto
Revisão em 15h57min de 30 de maio de 2018 por Cláudia (discussão | contribs) (Criou a página com "Example: Sometimes you want to connect to a machine using the same address as a decommissioned one. And guess what? The keys have been decommisioned as well. If you try to S...")
(dif) ← Revisão anterior | Revisão atual (dif) | Revisão seguinte → (dif)
Saltar para a navegação Saltar para a pesquisa

Example: Sometimes you want to connect to a machine using the same address as a decommissioned one. And guess what? The keys have been decommisioned as well. If you try to SSH into the machine, you'll be prevented with an error such as this:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the RSA key sent by the remote host is XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX. Please contact your system administrator. Add correct host key in /home/user/.ssh/known_hosts to get rid of this message. Offending RSA key in /home/user/.ssh/known_hosts:3

This means that key number 3 in your known_hosts file is the offending key and has to be removed.

This is the right way to remove a key from your Known Hosts file (usually ~/.ssh/known_hosts):

ssh-keygen -f ~/.ssh/known_hosts -R machine.address

You may need to repeat the command using the IP address instead of a network name.

Obtida de "https://tecporto.pt/wiki/index.php?title=Removing_a_key_from_the_Known_Hosts_file&oldid=37"