遇到“REMOTE HOST IDENTIFICATION HAS CHANGED!”(远程主机识别已更改)的警告
连接虚拟机时提示报错:
[insocoper@hq-soc-cap-raw3 ~]$ ssh root@10.99.141.104
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:YkUnJhVJ4PpNa5Mnq3JgtBUpPpzb71WjpER9HSTr0fE.
Please contact your system administrator.
Add correct host key in /home/insocoper/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/insocoper/.ssh/known_hosts:1847
Host key for 10.99.141.104 has changed and you have requested strict checking.
Host key verification failed.
这种情况可以由以下几种情况引起:
- 服务器端确实更换了它的SSH密钥。
- 你的DNS或网络配置导致你连接到了不同的机器。
- 可能存在中间人攻击。
在大多数情况下,特别是如果你确定服务器最近进行了重装或者配置更改,那么最可能的情况是服务器的SSH密钥发生了变化。为了解决这个问题,你需要从known_hosts文件中移除旧的密钥条目,然后重新连接,此时SSH客户端会自动添加新的主机密钥到known_hosts文件中。
解决办法:
# 命令会移除与10.99.141.104相关的所有条目。
# 该命令可以删除有关这个主机的所有密钥信息
ssh-keygen -R 10.99.141.104或者你有权限并且想要手动编辑known_hosts文件,也可以直接打开/home/insocoper/.ssh/known_hosts文件并删除第1847行(根据错误信息中的提示),然后再进行连接。(如果手动删除,要删除干净1847行附近10.99.141.104的密钥信息,因为有关这个主机的密钥信息可以存储的不止一条,如果没有删除所有有关这个主机的条目,则再次连接还会出现这个报错提示。)
再次尝试连接即可解决:
[insocoper@hq-soc-cap-raw3 ~]$ ssh root@10.99.141.104
The authenticity of host '10.99.141.104 (10.99.141.104)' can't be established.
ED25519 key fingerprint is SHA256:YkUnJhVJ4PpNa5Mnq3JgtBUpPpzb71WjpER9HSTr0fE.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '10.99.141.104' (ED25519) to the list of known hosts.
root@10.99.141.104's password:
Welcome to Ubuntu 24.04.1 LTS (GNU/Linux 6.8.0-41-generic x86_64)* Documentation: https://help.ubuntu.com* Management: https://landscape.canonical.com* Support: https://ubuntu.com/proSystem information as of Wed Dec 18 06:05:19 PM UTC 2024System load: 0.01 Temperature: 68.0 CUsage of /: 2.4% of 432.02GB Processes: 1039Memory usage: 0% Users logged in: 1Swap usage: 0% IPv4 address for ens3f0: 10.99.141.104Expanded Security Maintenance for Applications is not enabled.0 updates can be applied immediately.Enable ESM Apps to receive additional future security updates.
See https://ubuntu.com/esm or run: sudo pro statusThe list of available updates is more than a week old.
To check for new updates run: sudo apt updateThe programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.root@localhost:~#