更新 known_host 内容

当你使用ssh用户端登入IP或网域名称，发生如下的警告而无法登入：

[danny@lab-p5e-vm ~]$ ssh root@192.168.9.86
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:ifadanbrGuSaIBz00KO8GvU2FyxvCBNLtSpjL+pngxs.
Please contact your system administrator.
Add correct host key in /home/danny/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/danny/.ssh/known_hosts:22
ECDSA host key for 192.168.9.86 has changed and you have requested strict checking.
Host key verification failed.
[danny@lab-p5e-vm ~]$

这主要的原因为与ssh server连接的公钥指纹码已经变更，与储存公钥指纹码的known_hosts内容不同而无法登入，

那要如何才能登入？首先你要先用指令将已储存该网域/IP的公钥指纹码移除：

ssh-keygen -R 192.168.9.86

之后再重新登入就会再询问你要不要储存新的公钥指纹码：

[danny@lab-p5e-vm ~]$ ssh root@192.168.9.86
The authenticity of host '192.168.9.86 (192.168.9.86)' can't be established.
ECDSA key fingerprint is SHA256:ifadanbrGuSaIBz00KO8GvU2FyxvCBNLtSpjL+pngxs.
Are you sure you want to continue connecting (yes/no)?

此时再按下yes就会将新的公钥指纹码储存后更新，再输入登入密码就完成登入。

参考资料

• 鸟哥的 Linux 私房菜

• Updating host keys

关键字：REMOTE HOST IDENTIFICATION HAS CHANGED