修复"警告:远程主机识别已更改"在Linux中的错误
时间:2020-03-21 11:48:54 来源:igfitidea点击:
试图在我的远程Ubuntu 20.04 LTS服务器中进行SSH并遇到此消息警告:远程主机识别已更改!
WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
$ssh Hyman@theitroad
示例输出:
@ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ @ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the ECDSA key sent by the remote host is SHA256:K/jEKNQCYYOilJxOZc7qAWlu4xu0nW+MD09DfJL7+gc. Please contact your system administrator. Add correct host key in /home/sk/.ssh/known_hosts to get rid of this message. Offending ECDSA key in /home/sk/.ssh/known_hosts:11 remove with: ssh-keygen -f "/home/sk/.ssh/known_hosts" -R "192.168.225.52" ECDSA host key for 192.168.225.52 has changed and you have requested strict checking. Host key verification failed.
这实际上不是错误消息。
它只是一个安全通知,指示给定远程系统的ECDSA主机密钥自上次连接以来已更改。
正如我们所知道的,当我们通过SSH首次访问远程系统时,通过SSH从本地系统访问该远程主机发送的ECDSA密钥的指纹,并在本地中缓存并存储在$home/.ssh/neark_hosts文件中系统。
重新安装远程系统或者为多个远程系统分配相同的IP地址后,身份(指纹)发生变化时,上述警告消息显示。
修复"警告:远程主机识别已更改"在Linux中的错误
要解决此问题,只需删除使用命令的本地系统上的IP地址的缓存密钥:
$ssh-keygen -R 192.168.225.52
示例输出:
# Host 192.168.225.52 found: line 11 /home/sk/.ssh/known_hosts updated. Original contents retained as /home/sk/.ssh/known_hosts.old
我们还可以显式指定已知的-f标志的known_hosts文件的路径,如下面的标志。
$ssh-keygen -f "/home/sk/.ssh/known_hosts" -R "192.168.225.52"
上面的命令将删除属于本地系统的已知adjosts文件的远程主机的所有键。
此外,已知_hosts文件的旧内容将保留在名为"已知_hosts.old"的文件中。
如果使用不同的SSH端口,则需要明确提及它如下所示:
$ssh-keygen -R 192.168.225.52:1234
其中1234是SSH端口号。
用实际的SSH端口号替换它。
删除键后,请使用命令再次尝试进入远程系统:
$ssh Hyman@theitroad
键入"是"并按Enter键在本地系统中添加远程主机密钥:
The authenticity of host '192.168.225.52 (192.168.225.52)' can't be established. ECDSA key fingerprint is SHA256:K/jEKNQCYYOilJxOZc7qAWlu4xu0nW+MD09DfJL7+gc. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '192.168.225.52' (ECDSA) to the list of known hosts. Hyman@theitroad's password:
现在我们可以通过SSH访问远程系统。
