NoCache

Table of Contents

Fix SSH "Remote Host Identification has Changed" on Linux

Cyrus Kao
Last modified on .

If you encounter the error WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! while connecting to your remote machine through SSH, it means the identification key on the server is not the same as the last connection. To fix this, simply remove the host's key from ~/.ssh/known_hosts.

Error message example:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:w9g7MituUpR5oFSwKpLwmupwSpyHZDjDDt4gK6+Qjuo.
Please contact your system administrator.
Add correct host key in /home/arch/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/arch/.ssh/known_hosts:14
Host key for localhost has changed and you have requested strict checking.
Host key verification failed
Output

Solution

There are two ways to remove the host's identification keys, either by ssh-keygen or doing it manually.

Reset the keys only if you're certain that the identity change is caused by you.

Using ssh-keygen (Recommend)

Remove all keys belonging to the hostname from known_hosts:

$ ssh-keygen -R localhost

Change localhost to the hostname (e.g. IP address, domain name) of your server.

Delete Manually

Remove the line of known_hosts according to your error message, it's /home/arch/.ssh/known_hosts:14 in my case:

known_hosts
~/.ssh/known_hosts in gedit

Comments

Sign in to leave a comment.