Fix SSH "Remote Host Identification has Changed" on Linux
Last modified on .
If you encounter the error WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
while connecting to your remote machine through SSH, it means the identification key on the server is not the same as the last connection. To fix this, simply remove the host's key from ~/.ssh/known_hosts
.
Error message example:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:w9g7MituUpR5oFSwKpLwmupwSpyHZDjDDt4gK6+Qjuo.
Please contact your system administrator.
Add correct host key in /home/arch/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/arch/.ssh/known_hosts:14
Host key for localhost has changed and you have requested strict checking.
Host key verification failed
Output
Solution
There are two ways to remove the host's identification keys, either by ssh-keygen
or doing it manually.
Reset the keys only if you're certain that the identity change is caused by you.
Using ssh-keygen
(Recommend)
Remove all keys belonging to the hostname from known_hosts
:
$ ssh-keygen -R localhost
Change
localhost
to the hostname (e.g. IP address, domain name) of your server.
Delete Manually
Remove the line of known_hosts
according to your error message, it's /home/arch/.ssh/known_hosts:14
in my case: