LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 08-22-2011, 09:39 AM   #1
rblampain
Member
 
Registered: Aug 2004
Location: Western Australia
Distribution: Debian 7
Posts: 833

Rep: Reputation: 35
RSA host key has just been changed


When I try to login to my hosted VPS I get the following message:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:1
RSA host key for 173.0.55.170 has changed and you have requested strict checking.
Host key verification failed.
lost connection

I understand this message refers to the key on my VPS which could be due to the fact I deleted it when I reinstalled the OS. I also suppose the "fingerprint" referred to above is not the same thing than the "correct key" I am advised to put in /root/.ssh/known_hosts
to "get rid of this message."

I tried to copy the file saved in my local machine as /home/user/.ssh/id_rsa.pub to the relevant directory of the remote VPS but I get the same message repeated.

I am new to this and I am unsure of what I need to do. Can someone help?

Thank you for your help.
 
Old 08-22-2011, 09:42 AM   #2
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora, Lubuntu, FreeBSD
Posts: 3,930
Blog Entries: 5

Rep: Reputation: Disabled
If (and only if) you re-installed your Linux distro without first backing up sshd(8)'s host keys, then this can be expected.

Assuming the "if" above is true (both for you, and for future thread readers), then edit /root/.ssh/known_hosts and remove the first line. Then connect again, and accept the new fingerprint.
 
1 members found this post helpful.
Old 08-22-2011, 09:47 AM   #3
thesnow
Member
 
Registered: Nov 2010
Location: Minneapolis, MN
Distribution: Ubuntu, Red Hat, Mint
Posts: 122

Rep: Reputation: 27
The host key mentioned should go in your local known_hosts (e.g. /home/user/.ssh/known_hosts). If you are sure you are actually connecting to the server you think you are, it is probably easiest to remove the line in question from your known_hosts file, connect to the server again, then follow the normal prompts. See http://www.thegeekstuff.com/2010/04/...wn_hosts-file/

Last edited by thesnow; 08-22-2011 at 09:49 AM.
 
1 members found this post helpful.
Old 08-23-2011, 12:05 PM   #4
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 11.4
Posts: 1,319

Rep: Reputation: 252Reputation: 252Reputation: 252
Quote:
Originally Posted by thesnow View Post
Just to note, that there are even commands in ssh to remove entries from the known_hosts file:
Code:
$ ssh-keygen -R hostname
As there can exist two entries (one with a name, one with an address) it might be necessary issue the command twice. If you then want to add the new hostkey before any connection, one can use:
Code:
$ ssh-keyscan -t rsa hostname
 
Old 08-23-2011, 07:36 PM   #5
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Colombia
Distribution: Kubuntu, Debian, Knoppix
Posts: 1,982
Blog Entries: 1

Rep: Reputation: 83
If the server has changed the key (for instance, it was reinstalled), just remove the offending key from /root/.ssh/known_hosts... in your output it appears as if the offending key is on the first line of the file. That should do.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
rsa host key error while trying to ssh to server abti Linux - Security 12 01-09-2013 06:45 AM
Single LAN port inexplicably changes RSA host key... pjd83 Linux - Networking 2 02-20-2010 04:57 PM
A question about rsa host key fingerprints lawrence_lee_lee Linux - Software 8 07-17-2008 09:58 PM
RSA host key for 172.17.5.60 has changed ssharma_02 Red Hat 3 11-15-2006 09:55 AM
ssh rsa key changed after upgrade itsjustme Linux - General 11 11-06-2003 09:12 AM


All times are GMT -5. The time now is 03:40 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration