当ssh远程连接阿里云时:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:FR1HuMzhWDa9CBpcAiiKglNL8FVewJJTWsf0000000.
Please contact your system administrator.
Add correct host key in /home/zhang/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/zhang/.ssh/known_hosts:2
remove with:
ssh-keygen -f "/home/zhang/.ssh/known_hosts" -R "****.***.***.***"
ECDSA host key for ***.***.***.*** has changed and you have requested strict checking.
Host key verification failed.
出现以上类似错误:首先去翻译找出错误可能出现在哪里?
ssh远程登录原理:用OpenSSH的人都知ssh会把你每个你访问过计算机的公钥(public key)都记录在~/.ssh/known_hosts。当下次访问相同计算机时,OpenSSH会核对公钥。如果公钥不同,OpenSSH会发出警告,
而我出现的错误是由于远程阿里云的ECDSA主机密钥已更改,本机旧的公钥信息无法使用新秘钥。
所以有三种方法:
方法一:
rm -rf ~/.ssh/known_hosts
优点:干净利索
缺点:把其他正确的公钥信息也删除,下次链接要全部重新经过认证
-
方法二:
vi ~/.ssh/known_hosts
删除对应ip的相关rsa信息(本例可知删除53行信息即可)
++++++++++++++++++
优点:其他正确的公钥信息保留
缺点:还要vi,还要找到对应信息,稍微优点繁琐
-
方法三:
清除旧的公钥信息
ssh-keygen -R 192.168.0.100
++++++++++++++++++
优点:快、稳、狠
缺点:没有缺点