3 Ways to fix remote host identification has changed

Table of Contents

Whenever we connect to a server via SSH, that server’s public key is stored in our home directory. The file is called known_hosts.

When we reconnect to the same server, the SSH connection will verify the current public key matches the one we have saved in our known_hosts file.

If the server’s key has changed since the last time we connected to it, we will receive remote host identification has changed (or one similar to it).

In this article, we will share how to fix host key verification failed in 3 ways.

example of error remote host identification has changed

@@@@@@@@@@@@@@@@@@

@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@

@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!

It is also possible that a host key has just been changed. The fingerprint for the RSA key sent by the remote host is x. Please contact your system administrator.
Add correct host key in /home/ec2-user/.ssh/known_hosts to get rid of this message.

Offending RSA key in /home/ec2-user.ssh/known_hosts:222 RSA host key for howtouselinux.com has changed and you have requested strict checking.

Host key verification failed.

3 Ways to fix remote host identification has changed

Command Description
vi +number  /home/ec2-user.ssh/known_hosts remove the old host key from file known_hosts
ssh-keygen -R hostname remove the old host key from file known_hosts
ssh <device ip address> -o stricthostkeychecking=no skip the strict host checking when create ssh connection

Remove old host key info from known_hosts file

Locate our known_hosts file, and open in a general text editor.

The error will often give us the location of the known_hosts file we need to change.

In the example above the offending RSA key is located here: /home/ec2-user.ssh/known_hosts:222

# vi 222 /home/ec2-user.ssh/known_hosts

Once we open the known_hosts straight to line 222 do the following keyboard commands press “ESC dd” to delete the line.

we can save the changes by pressing “esc” and typing “:wq!”.

Fix remote host identification has changed with ssh-keygen command

Open up a terminal session, and type one of the following, (depending on the method we were trying to SSH with and receiving the error):
ssh-keygen -R hostname

ssh-keygen -R ipaddress

ssh-keygen -f “/home/ec2-user.ssh/known_hosts” -R “192.168.0.106”

Fix remote host identification has changed with ssh stricthostkeychecking options

ssh <device ip address> -o stricthostkeychecking=no

This command removes the old host key for the device in the known_hosts file in the /home/ec2-user.ssh/known_hosts file.

It replaces the old host key with the new host key.

 

Table of Contents

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn

You might also like