I just got this error while trying to connect to a computer through ssh
.
I had set up the connection to allow me to connect using just my self-signed certificate, but now I am unable to connect.
This is just a server I am using for a home-server, and I can access it directly if necessary.
ssh user@server @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ The RSA host key for server has changed, and the key for the corresponding IP address 192.168.0.6 is unchanged. This could either mean that DNS SPOOFING is happening or the IP address for the host and its host key have changed at the same time. Offending key for IP in /home/user/.ssh/known_hosts:3 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is 91:c9:85:31:8e:4f:87:b3:6c:9c:9d:1a:15:db:ab:ae. Please contact your system administrator. Add correct host key in /home/brad/.ssh/known_hosts to get rid of this message. Offending key in /home/user/.ssh/known_hosts:2 RSA host key for server has changed and you have requested strict checking. Host key verification failed.
This is the content of ~/.ssh/known_hosts
.
|1|d5CgOYPDw2Q7wlQyjpF7+4jKjOU=|vmXkaQaDnT/64x0XFFi0U8BNRbg= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAr/m+Oz/9pnreHxXg5bXzsn0Ka2QREFOnny7L2T2mjZX/0dE4/x/RBa0AhekMmvmYw8BJ2AW326vogUJtHrZzizXuPS4T2jylkwBv0gsnOf4OO7iPNGHo1CCkp1DmP6oFpj/wBBg0yloFxGNiadgaNBydiMpl7eXtbDYpa0epWI1HZ8mZ9Ol05NOu2XmyKetfNAvFMFlK1VAXCE/APtWYugqcbbQhrL0r8Ir4/D0O9MgW9kMyka0MurOrhimk5cz0LKPVyFcXtBWzWK4XwbL7sw5i6k30khDV2h/k2SpGiCsiu0OM243rCf3a1rkAAJxmWl9z8eC7sfKJA8FGljUbww== |1|6RbvzZSpKoIlRMl8ofMSPoN1qfA=|l7MRcepn1d2O2CaQlUJ5gw/NTSw= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAr/m+Oz/9pnreHxXg5bXzsn0Ka2QREFOnny7L2T2mjZX/0dE4/x/RBa0AhekMmvmYw8BJ2AW326vogUJtHrZzizXuPS4T2jylkwBv0gsnOf4OO7iPNGHo1CCkp1DmP6oFpj/wBBg0yloFxGNiadgaNBydiMpl7eXtbDYpa0epWI1HZ8mZ9Ol05NOu2XmyKetfNAvFMFlK1VAXCE/APtWYugqcbbQhrL0r8Ir4/D0O9MgW9kMyka0MurOrhimk5cz0LKPVyFcXtBWzWK4XwbL7sw5i6k30khDV2h/k2SpGiCsiu0OM243rCf3a1rkAAJxmWl9z8eC7sfKJA8FGljUbww== |1|9rVqV4b7VneWzhpHeig7SDxVM2I=|6kUP3PZy+oVKzWoI+BmdTvDST7M= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAsgc5hj6+geXQ7+5TynE1W19lgH/If5wratYY3MHfzlE2RR8FrL28wcmJzDyEkBifNh23F01bhZIiXfVKGp/PF20+eqq84bnwa2cAQFHFEHCnY7agNAg3WW8jBO3eerWg9ZfWZhW9Lo32sG6Er/4Eia/Vo/JxdnI9mCG4HuKBO1dd2gBg5+9NLskKFX/Yh5XjV4a54QDx6/ktP3pE8NRbYfGouWTmU//td749vRbN/SEPBKvuwANkxhbusjw00teDQ2AMqG30YyQvxu0H00jB3idfEzAT5e7FC751Xbkd3T15Dd9A0320E+0HC38BJztMluS46ji3+M5a4jv1Dqttvw== |1|cE5cVMpkJlL/OuvFSBEu+ZjDdW8=|e04sC1zJ8JpI6zN+uzUS2/6HBBQ= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs7JJacVNc1wk/6RZqMHin5RwR/LdIcMGGeG6WG4Sl/wETY9KYUVd126Yb2MV7vBT/8dW0iE6u6+sRVM3Xn5MG9K2PvQ57SbIQ53FvR4qBCqYkSn5sKs2wt9GpXh2MFN5TuXth2d1BABSR2a1u461K8SKbhclPVeFCeligaI4lGc= |1|h3/mWczIHdBmfFBO2hBIxz8BgOY=|GOVyuZWCfGKP31FcbgZsqkyVHcA= ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAs7JJacVNc1wk/6RZqMHin5RwR/LdIcMGGeG6WG4Sl/wETY9KYUVd126Yb2MV7vBT/8dW0iE6u6+sRVM3Xn5MG9K2PvQ57SbIQ53FvR4qBCqYkSn5sKs2wt9GpXh2MFN5TuXth2d1BABSR2a1u461K8SKbhclPVeFCeligaI4lGc=
Any help would be greatly appreciated.
The times I've seen this is when I reinstalled the computer in question (that is, the server being connected to via
ssh
). If you see this at any other time, be cautious. If you have, in fact, just reinstalled that server -- or have done something else that might legitimately cause it's ssh key to change -- then the solution is to remove that server's entry from yourfile.
You used to have a different machine named "
server
", and now you've moved that name to an IP address previously used by something else. The easiest thing to do, assuming you know the machine is what it is, is to run:And be on your way. For actual security, you should take an out-of-band copy of the server's key fingerprint and verify that is the fingerprint provided by the server when you first connect (and it comes up with the "unknown host" warning), but it sounds like it's a home server with little chance of a man-in-the-middle attack ruining your day.
The short and simple answer is to simply remove line 2 and 3. Of course it is important to make sure that you actually are connecting to the server and not being intercepted.