【ssh】Host key verification failed.

1、问题现象

$ ssh -X -p 2222 test@192.168.1.123
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:[省略]
Please contact your system administrator.
Add correct host key in /home/master/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/master/.ssh/known_hosts:7
remove with:
ssh-keygen -f "/home/master/.ssh/known_hosts" -R "[192.168.3.123]:2222"
ECDSA host key for [192.168.3.123]:2222 has changed and you have requested strict checking.
Host key verification failed.

 

2、 解决方法
$ ssh-keygen -f "/home/master/.ssh/known_hosts" -R "[192.168.1.123]:2222"
# Host [192.168.1.123]:2222 found: line 7
/home/master/.ssh/known_hosts updated.
Original contents retained as /home/master/.ssh/known_hosts.old

 

3、测试

$ ssh -X -p 2222 test@192.168.1.123
The authenticity of host '[192.168.1.123]:2222 ([192.168.1.123]:2222)' can't be established.
ECDSA key fingerprint is SHA256:[省略]
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[192.168.1.123]:2222' (ECDSA) to the list of known hosts.