SSH登陆失败:Host key verification failed

从镜像恢复系统后,发现ssh登陆不了了。报错如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
zou@zou-OptiPlex-390:~$ ssh zou@104.131.35.225
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
73:c7:c5:1c:ea:3c:ef:be:db:47:61:1e:99:fc:ab:57.
Please contact your system administrator.
Add correct host key in /home/zou/.ssh/known_hosts to get rid of this message.
Offending RSA key in /home/zou/.ssh/known_hosts:8
remove with: ssh-keygen -f "/home/zou/.ssh/known_hosts" -R 104.131.35.225
ECDSA host key for 104.131.35.225 has changed and you have requested strict checking.
Host key verification failed.

 

解决方法

删除本地电脑的known_host.

1
2
3
4
zou@zou-OptiPlex-390:~$ cd .ssh/
zou@zou-OptiPlex-390:~/.ssh$ ls
known_hosts
zou@zou-OptiPlex-390:~/.ssh$ rm known_hosts -rf

 

 

再继续连,就连上了.

1
2
3
4
5
6
7
zou@zou-OptiPlex-390:~/.ssh$ ssh zou@104.131.35.225
The authenticity of host '104.131.35.225 (104.131.35.225)' can't be established.
ECDSA key fingerprint is 73:c7:c5:1c:ea:3c:ef:be:db:47:61:1e:99:fc:ab:57.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '104.131.35.225' (ECDSA) to the list of known hosts.
zou@104.131.35.225's password:
Last login: Wed Sep 10 01:25:42 2014

 

 

原因

a机通过ssh连接b机时,会把b机的信息保存在a机的root的.ssh/known_hosts文件里,由于b机被重装(本案例是被替换),b机的信息被改变,与a机文件的信息不一致, ssh就不让连接。解决方法也很简单,直接把a机相应文件里的b机信息删掉(报错信息里提示里具体位置/root/.ssh/known_hosts:10,再次连接时系统会提示是否更改b机信息,输入yes 即可。
在连接前后看/known_hosts文件的日期变化也可以清晰得看出该文件被更改。

坚持原创技术分享,您的支持将鼓励我继续创作!