Tag Archives: Linux ECDSA key Error

[Solved] Linux ECDSA key Error: Host key verification failed

Project scenario:

Under Linux Ubuntu system, use SCP command to transfer files from another server to this server.


Problem description

tips: describe the problems encountered in the project here:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:'A string of characters'.
Please contact your system administrator.
Add correct host key in /home/tonnn/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/tonnn/.ssh/known_hosts:12
ECDSA host key for 'External Server IP' has changed and you have requested strict checking.
Host key verification failed.

Cause analysis:

Tip: fill in the problem analysis here:

I found out after Google that the ECDSA key of the cloud server was changed because I reinstalled my Aliyun server system, and the ECDSA key left in /home/tonnn/.ssh/known_hosts on the target server was still the original ECDSA key, resulting in failed Host key verification.


Solution:

Clear the ECDSA key corresponding to the IP address in the target server /home/tonnn/.ssh/known_hosts, and then add a new one.
Use the ssh-keygen -R ip-address command, and go to the official website https://www.ssh.com/academy/ssh/keygen#command-and-option-summary to check out how-to-use, which means that the known_hosts file belongs to a host all the keys of the hostname are cleared.

After clearing, reconnect the corresponding host, and the server will record the new ecdsa key.