Re: How to get new RSA key in known_hosts file?
25.05.2012 07:45, Scott Ferguson:
> On 25/05/12 13:47, Celejar wrote:
>> On Thu, 24 May 2012 20:24:49 -0700 Marc Shapiro
>> <marcnshap@gmail.com> wrote:
>>> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @
>>> WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
>>> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS
>>> POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
>>
>> ...
>>> It is also possible that the RSA host key has just been changed.
>>> The fingerprint for the RSA key sent by the remote host is
>>> cb:fa:a3:10:3d:01:c0:e6:6a:2d:3e:59:e1:b9:4e:b8. Please contact
>>> your system administrator. Add correct host key in
>>> /home/marc/.ssh/known_hosts to get rid of this message. Offending
>>> key in /home/marc/.ssh/known_hosts:1
>>
>>> How do I manually enter the rsa key, or get ssh to do so, so that I
>>> can connect again?
>>
>> Issue 'ssh-keygen -R your_hostname_or_ip_address'
>
> Marc has previously connected to a given address and stored a key.
Yes.
> That address now has another key - the correct (IMO) approach is to
> delete the old key for that address (remove the 1st entry in
> ~/.ssh/known_hosts.
Yes.
> i.e. change the key stored for *that* computer.
>
> You've asked him to change *his* key which will have no effect on the
> problem (the machine he's connecting to still has a new key that differs
> from the one he has stored).
Wrong. Celejar's advice is correct.
man ssh-keygen
| -R hostname
| Removes all keys belonging to hostname from a known_hosts
| file. This option is useful to delete hashed hosts (see the -H
option above).
One can, of course, edit known_hosts manually to achieve the same
effect. But I consider ssh-keygen -R to be the safer method.
--
Regards
mks
Reply to: