Tag Archives: ssh

[Solved] Linux ECDSA key Error: Host key verification failed

Project scenario:

Under Linux Ubuntu system, use SCP command to transfer files from another server to this server.

Problem description

tips: describe the problems encountered in the project here:

Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:'A string of characters'.
Please contact your system administrator.
Add correct host key in /home/tonnn/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/tonnn/.ssh/known_hosts:12
ECDSA host key for 'External Server IP' has changed and you have requested strict checking.
Host key verification failed.

Cause analysis:

Tip: fill in the problem analysis here:

I found out after Google that the ECDSA key of the cloud server was changed because I reinstalled my Aliyun server system, and the ECDSA key left in /home/tonnn/.ssh/known_hosts on the target server was still the original ECDSA key, resulting in failed Host key verification.


Clear the ECDSA key corresponding to the IP address in the target server /home/tonnn/.ssh/known_hosts, and then add a new one.
Use the ssh-keygen -R ip-address command, and go to the official website https://www.ssh.com/academy/ssh/keygen#command-and-option-summary to check out how-to-use, which means that the known_hosts file belongs to a host all the keys of the hostname are cleared.

After clearing, reconnect the corresponding host, and the server will record the new ecdsa key.

[Solved] ssh secure shell: server responded algorithm negotiation failed

ssh secure shell:server responded algorithm negotiation failed

This problem is usually solved as follows:
1. cd /etc/ssh
2.vim /etc/ssh/sshd_config

# Add the following to the configuration file (except the last one of the third is gray plus purple, the others are blue, if it is gray means it is not right!)
Ciphers aes128-cbc,aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr,3des-cbc,arcfour128,arcfour256,arcfour,blowfish-cbc,cast128-cbc
MACs hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,hmac-sha1-96,hmac-md5-96
KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1,[email protected]

Then restart sshd with this statement and you’re done
systemctl restart sshd

Because the error page can not be selected, so I did not directly check the error, but with their own understanding of the error to check, but wasted a lot of time, so if such an error, or hand typing in the future, it is very fast.

[Solved] Gerrit Error: Permission denied publickey

Gerrit reports an error: permission denied solution

Foreword solution


When using the Gerrit clone code, you will find an error. The error message is probably: permission denied (publickey)

openssh has abandoned RSA encryption keys since version 8.8 for security reasons
openssh thinks that RSA cracking costs too little, so it is disabled if there is a risk
you can use the command:
ssh -v [git server]

Check the openssh version number of the Gerrit server.
if it is ≥ 8.8, you can use this method.


Enter the machine SSH directory,
create a new config file without suffix:

The content is:

Host gerrit's IP or domain name
HostName gerrit's IP or domain name
User Gerrit's user name (e.g. zhangsan)
PubkeyAcceptedKeyTypes +ssh-rsa
IdentityFile ~/.ssh/id_rsa
Port 29418 (Gerrit port)

Once configured, the clone is OK. Generally, there is no problem.

SSH Connect Service Error: Could not connect to ‘xxx.xxx.xx.xx‘ (port 22): Connection failed.

It was strange to report an error when connecting to SSH service this morning

I have searched a lot of information from Baidu. Now I collect and sort out some useful solutions for you

1. Restart CentOS
2 Restart VMware
3 Firewall problem:
(1) check the firewall: Service iptables status
(2) close the firewall first: /etc/init.d/iptables stop
(3) open firewall: Service iptables start
Start: systemctl start firewalld (centos7 user)
Close: systemctl stop firewalld (centos7 user)
4 Query whether port 22 is enabled

Query all open port commands

  firewall-cmd --zone=public --list-ports

Permanently open port 22

  firewall-cmd --zone=public --add-port=80/tcp --permanent 


firewall-cmd --reload

5. Query whether SSH is installed on the Linux server

yum install openssh-server

6. Query whether SELinux is started
modify the file in /etc/selinux/config and set SELINUX = disabled:

[Solved] Error getting ssh command ‘exit 0‘ : ssh command error:

docker-machine Create Certificate Stuck
docker-machine –debug create -d hyperv –hyperv-virtual-switch “Default Switch” docker-machine

the only way for me to get around this was to disable the Windows 10
built-in OpenSSH Client, via Windows Features.
After that minishift used its internal ssh client and proceeded.
Unfortunately i am running into another issue after that, where the
control-plane pods are not starting and the minishift deployment fails,
since the API access times out.
Would be inteeresting to see if you get the same once you deal with the SSH
Am Fr., 30. Nov. 2018 um 12:15 Uhr schrieb denisjc7 <
[email protected]>:
@LW81 https://github.com/LW81 I am experiencing the same issue on
basically the same configurations as yours. Did you find a solution?Thank
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#2722 (comment)>,
or mute the thread

Through [Settings] => [Applications] => [Optional Applications
Uninstall Windows 10 built-in OpenSSH Client
After using the built-in ssh, it runs successfully

redhat7. 5 system service is not started automatically and use systemctl start error: error getting authority: error initializing authority: CO, (the server will restart)

After the server is powered on, the default system service SSH network card will not start automatically
when using systemctl start sshd command, the following error will be reported. After the error is reported, the server will restart automatically
error getting authority: error initializing authority: could not connect: no such file or directory (g-io-error-wuark, 1)
view the system log, The following error is reported
#journalctl – XB
dependency failed for migrate local SELinux policy changes from the old store structure to the new structure

It may be that the attached system file does not exist.
#mount – a check whether the system attachment is normal, and the following error is reported.
mount special device XXX does not exist
#cat/etc/fstab check whether there is redundant attachment configuration for boot attachment, and delete the attachment configuration