Home | Mirror | Search

4. ssh-keygen — authentication key generation, management and conversion

4.1. .ssh/known_hosts

當你的重裝伺服器,或者更換IP地址會提示.ssh/known_hosts中的Key不匹配,例如下面的提示

$ ssh logs@120.132.144.48
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
99:9b:da:86:dd:8d:ae:46:66:00:e0:09:fb:c5:56:3d.
Please contact your system administrator.
Add correct host key in /home/neo/.ssh/known_hosts to get rid of this message.
Offending RSA key in /home/neo/.ssh/known_hosts:43
  remove with: ssh-keygen -f "/home/neo/.ssh/known_hosts" -R 172.12.14.48
RSA host key for 172.12.14.48 has changed and you have requested strict checking.
Host key verification failed.
			

打開/home/neo/.ssh/known_hosts檔案刪除43行即可,也同樣可以使用下面命令刪除

ssh-keygen -f "/home/neo/.ssh/known_hosts" -R 172.12.14.48
			

提示

CentOS不會提示你remove with: ssh-keygen -f "/home/neo/.ssh/known_hosts" -R 172.12.14.48

$ ssh-keygen -f "/home/neo/.ssh/known_hosts" -R 172.12.14.48
/home/neo/.ssh/known_hosts updated.
Original contents retained as /home/neo/.ssh/known_hosts.old

			
comments powered by Disqus