更新 known_host 內容
當你使用ssh用戶端登入IP或網域名稱,發生如下的警告而無法登入:
[danny@lab-p5e-vm ~]$ ssh root@192.168.9.86 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the ECDSA key sent by the remote host is SHA256:ifadanbrGuSaIBz00KO8GvU2FyxvCBNLtSpjL+pngxs. Please contact your system administrator. Add correct host key in /home/danny/.ssh/known_hosts to get rid of this message. Offending ECDSA key in /home/danny/.ssh/known_hosts:22 ECDSA host key for 192.168.9.86 has changed and you have requested strict checking. Host key verification failed. [danny@lab-p5e-vm ~]$
這主要的原因為與ssh server連接的公鑰指紋碼已經變更,與儲存公鑰指紋碼的known_hosts內容不同而無法登入,
那要如何才能登入?首先你要先用指令將已儲存該網域/IP的公鑰指紋碼移除:
ssh-keygen -R 192.168.9.86
之後再重新登入就會再詢問你要不要儲存新的公鑰指紋碼:
[danny@lab-p5e-vm ~]$ ssh root@192.168.9.86 The authenticity of host '192.168.9.86 (192.168.9.86)' can't be established. ECDSA key fingerprint is SHA256:ifadanbrGuSaIBz00KO8GvU2FyxvCBNLtSpjL+pngxs. Are you sure you want to continue connecting (yes/no)?
此時再按下yes就會將新的公鑰指紋碼儲存後更新,再輸入登入密碼就完成登入。
參考資料
關鍵字:REMOTE HOST IDENTIFICATION HAS CHANGED