REMOTE HOST IDENTIFICATION HAS CHANGED

When you try to ssh the another remote Linux/Unix machine , you might have encountered with the WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! . This message we have often seen when we work in Linux machines.

In this post we have provided the Reason and Solution on this Warning.

root@tuxworld:/tmp# ssh 10.10.0.16
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
13:f2:a2:87:ff:79:e5:92:79:b4:10:51:53:c2:fb:60.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:11
  remove with: ssh-keygen -f "/root/.ssh/known_hosts" -R 10.10.0.16
RSA host key for 10.10.0.16 has changed and you have requested strict checking.
Host key verification failed.
root@tuxworld:/tmp#

Why it happens ?

Answer : Because it is mismatch of fingerprint information which is saved in .known_hosts file in your system with fingerprint value available in Server.

Where is fingerprint info ?

Answer : It is available itself in Error message. Below is the eg. just check in above error message also

The fingerprint for the RSA key sent by the remote host is
13:f2:a2:87:ff:79:e5:92:79:b4:10:51:53:c2:fb:60.

How to Solve – “WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED

You have to delete the particular line from ~/.ssh/known_hosts file.
see the line no. 12 in above message “Offending ECDSA key in /root/.ssh/known_hosts:11“.
In line you are getting number 11 . Hence this is the line no. in known_hosts which you have to delete.

Here we will use vi editor to directly jump into that line number

vi +11 ~/.ssh/known_hosts

Cursor will automatically move to line number you only have to type dd in vi editor to delete the line and then type :wq for save and exit

dd
:wq

Or if you forgot to use number in vi command in terminal. After opening the ~/.ssh/known_hosts file type :set nu it will show you line numbers. see below given image.

ssh
ssh

Now move your cursor with the help of arrow key and reach at the start of line nu. Here in this eg. we will reach to line number 11 .
Then again same step. type dd and :wq to save and exit

dd
:wq
ssh
ssh

Now do ssh to the server,the issue will be gone now. And it will again ask you to accept the fingerprint value to add it in .known_hosts file.

See in the given below screenshot, this time fingerprint value is different (i.e 13:f2:a2:87:ff:79:e5:92:79:b4:10:51:53:c2:fb:60)

ssh
ssh

Another command to remove key if you have remote ip address,system hostname or FQDN

To remove the ssh key from known_hosts file there is another command.

for eg.
With hostname or FQDN

ssh-keygen -R server1.example.com
or
ssh-keygen -f "~/.ssh/known_hosts" -R server1.example.com

Example with ip address

ssh-keygen -R 10.0.0.29
or
ssh-keygen -f "~/.ssh/known_hosts" -R 10.0.0.29

We have also explained about the SSH key in this post – “How to know public key fingerprint

Read Some More Articles

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.