Page 1 of 1

SSH login error: Remote host indentification has changed

Posted: 2007/12/06 13:47:43
by railer
Greetings,

I just had my hosting provider install CentOS 5 on three new dedicated servers for me. When I try to login via ssh, I get an error message which says that the "remote host identification has changed", and warning of a possible "man-in-the-middle-attack". It goes on to say that I need to "add correct host key in /Users/my_server_name/.ssh/known_hosts to get rid of this message." Also "Offending key in /Users/my_server_name/.ssh/known_hosts:4".

These servers will be commercial web servers for eCommerce sites. What is the recommended solution to this so that I can login via ssh? I read elsewhere that I can delete a specific line from the known_hosts file. Which one? Is the number "4" significant in that instance? Note: I cannot actually view the file, but hope to instruct my hosting provider.

Here's an article about the subject called SSH Host Key Protection:
http://www.securityfocus.com/infocus/1806

Scroll down to the subheading: "Host Key Checking Paranoia". The second item is about the issue I'm dealing with.

Thanks for any help,
railer

SSH login error: Remote host indentification has changed

Posted: 2007/12/06 14:11:28
by gerald_clark
The file is on the machine you are using to connect to the server.
When you had the remote machine reloaded, new keys were generated.
You have to delete the key in your known_hosts file so that you can get
the correct key from the remote server.

Re: SSH login error: Remote host indentification has changed

Posted: 2007/12/06 14:47:50
by railer
[quote]
gerald_clark wrote:
The file is on the machine you are using to connect to the server.
When you had the remote machine reloaded, new keys were generated.
You have to delete the key in your known_hosts file so that you can get
the correct key from the remote server.[/quote]

Thanks Gerald,

By "delete the key" I assume you mean to remove the line in the known_hosts file? I found [url=http://www.cyberciti.biz/faq/warning-remote-host-identification-has-changed-error-and-solution/]this article[/url] which discusses a solution for this problem. It says to delete the line in the known_hosts file identified as containing the "offending key" in the error message (see my post above) which in this case seems to be indicating line "4", after the colon. Am I correct in this?

I guess when the server(s) was re-imaged with CentOS 5, it left the file intact?

Well, I look forward to your confirmation of the above.

Thanks,
railer

Re: SSH login error: Remote host indentification has changed

Posted: 2007/12/06 15:04:33
by gerald_clark
That file is NOT on the server. It is on the workstation you are using to connect to the server.
Delete the line in known_hosts that refers to the server you are attempting to connect to.
If you can't figure out which line to delete, just delete the file. The first time you attempt to ssh to
a server, you will be asked to verify that you want to connect.