ssh WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!

原创

潇凝子潇 2022-10-24 20:22:35 ©著作权

文章标签 ssh linux centos ide 文件名 文章分类 虚拟化云计算

©著作权归作者所有：来自51CTO博客作者潇凝子潇的原创作品，请联系作者获取转载授权，否则将追究法律责任

WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!

root@node145:~# ssh-copy-id -i ~/.ssh/id_rsa.pub  root@10.17.20.144
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
ERROR: Someone could be eavesdropping on you right now (man-in-the-middle attack)!
ERROR: It is also possible that a host key has just been changed.
ERROR: The fingerprint for the ECDSA key sent by the remote host is
ERROR: SHA256:PO6FFmEQ9kOL1nodp3vLqVvCRW00Rhnn6cD9+SxbfbU.
ERROR: Please contact your system administrator.
ERROR: Add correct host key in /root/.ssh/known_hosts to get rid of this message.
ERROR: Offending ECDSA key in /root/.ssh/known_hosts:2
ERROR:   remove with:
ERROR:   ssh-keygen -f "/root/.ssh/known_hosts" -R "10.17.20.144"
ERROR: ECDSA host key for 10.17.20.144 has changed and you have requested strict checking.
ERROR: Host key verification failed.

### 解决方式 重新指定 保存密钥的文件名
root@node145:~# ssh-keygen -f "/root/.ssh/known_hosts" -R 10.17.20.144
# Host 10.17.20.144 found: line 2
/root/.ssh/known_hosts updated.
Original contents retained as /root/.ssh/known_hosts.old
root@node145:~# ssh-copy-id -i ~/.ssh/id_rsa.pub  root@10.17.20.144
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '10.17.20.144 (10.17.20.144)' can't be established.
ECDSA key fingerprint is SHA256:PO6FFmEQ9kOL1nodp3vLqVvCRW00Rhnn6cD9+SxbfbU.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@10.17.20.144's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@10.17.20.144'"
and check to make sure that only the key(s) you wanted were added.

ssh-keygen命令用于为“ssh”生成、管理和转换认证密钥，它支持RSA和DSA两种认证密钥.

ssh-keygen(选项)

-b：指定密钥长度； -e：读取openssh的私钥或者公钥文件； -C：添加注释； -f：指定用来保存密钥的文件名； -i：读取未加密的ssh-v2兼容的私钥/公钥文件，然后在标准输出设备上显示openssh兼容的私钥/公钥； -l：显示公钥文件的指纹数据； -N：提供一个新密语； -P：提供（旧）密语； -q：静默模式； -t：指定要创建的密钥类型。