Remote Host Identification Has Changed Warning – how to solve

When you’re trying to connect a remote machine via ssh, if you’re getting the Warning: Remote Host Identification Has Changed, here is why and how to solve it.

Seeing this error for the first time may be pretty frustrating. However, do not panic and try to connect again because you will fail miserably! See the solution below, this error is both easy to understand and also easy to solve.

Why you’re getting Remote Host Identification Has Changed Warning

This happens when you connect a different machine with the exact same IP address before. In that case, since the public key is changed for this same IP, connection got refused. The reason of refusal is that this is the exactly same scenario as the man-in-the-middle attack. If you’re sure that this is not the case, what you need to do is generate a fresh key for the target. Here’s the exact error text and how to solve it:

The error message

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!   @  @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
{Fingerprint for the RSA key}
Please contact your system administrator.
Add correct host key in {Corrupt hosts file} to get rid of this message.
Offending key in {Corrupt hosts file} :{Erroneous line}
RSA host key for {IP Address of the Host} has changed and you have requested strict checking.Host key verification failed.
Remote Host Identification Has Changed ssh warning

How to solve Remote Host Identification Has Changed Warning

The error message contains enough information to solve the situation. However, first be sure that you’re not being attacked in a man-in-the-middle configuration! If you’re sure, you need to clear existing ssh key since it belongs to a different device.

Either use:

  • mv {Corrupt hosts file} {Some other file}
  • ssh-keygen -f {Corrupt hosts file} -R {IP Address of the Host}
  • sed ‘{Erroneous line}d’ -i {Corrupt hosts file}

First will remove all the known ssh hosts, second generates a new ssh key for the problematic host, and the last will remove the problematic ssh key to be replaced for next connection.

Second one looks best for me. More answers can be found at stackoverflow.com

That’s all for the Warning: Remote Host Identification Has Changed. Check my homepage for more!

Leave a Reply

Your email address will not be published. Required fields are marked *