关于ssh登录出现异常警告:WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
提示警告信息如下:
arnold@WSN:~$ ssh 10.18.46.111
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
08:98:a9:cc:f8:37:20:6b:b4:b1:6c:3a:15:b9:a9:92.
Please contact your system administrator.
Add correct host key in /home/arnold/.ssh/known_hosts to get rid of this message.
Offending key in /home/arnold/.ssh/known_hosts:2
RSA host key for 10.18.46.111 has changed and you have requested strict checking.
Host key verification failed.
原因分析:
It is also possible that a host key has just been changed.
我之前对ssh服务器重装了系统,导致所有与原系统建立过ssh连接的系统都无法再建立连接,因为在于原系统建立首次连接时,双方相互记录了对方的公钥(ssh基于非对称密钥技术),在ssh服务主机重装系统后,公钥改变了,任以旧版本公钥的主机自然是无法与新系统连接的。
网上还有分析为ssh主机被人黑了,并在消除入侵记录时对known_hosts文件做了改动。当然也不排除这种可能,但我估计我是没那个福气了:)
解决方案:
删除~/.ssh/known_hosts文件,或者如果你可以判断出known_hosts中原ssh服务器的公钥,删去那部分,
然后后再次建立新的连接,即可获得新的公钥。
posted on 2013-04-08 08:33 JohnChain 阅读(45522) 评论(0) 编辑 收藏 举报
