问题描述
我已经在我的桌面和两台服务器之间设置了ssh密钥对,从服务器到我的桌面,但是在我的桌面上重新安装操作系统之后,我不能通过这个re-establish密钥对进入我的桌面:
mkdir ~/.ssh
chmod 700 ~/.ssh
ssh-keygen -t
ssh-copy-id username@server
我收到以下错误:
(斜体名称改为保护无辜我的桌面是Ubuntu,我找不到答案here)
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is ab:cd:ef:gh Please contact your system administrator. Add correct host key in /home/user/.ssh/known_hosts to get rid of this message. Offending key in /home/user/.ssh/known_hosts:1 RSA host key for user.server has changed and you have requested strict checking. Host key verification failed.
最佳解决方法
ssh-keygen -R hostname
这将从known_hosts中删除违规密钥
手册页条目如下:
-R hostnameRemoves all keys belonging to hostname from a known_hosts file. This option is useful to delete hashed hosts (see the -H option above).
次佳解决方法
最有可能的是,远程主机ip或ip_alias不在〜/.ssh /known_hosts文件中。您可以使用以下命令将主机名添加到known_hosts文件。
$ssh-keyscan -H -t rsa ip_or_ipalias >> ~/.ssh/known_hosts
另外,我生成了以下脚本来检查特定的ip或ipalias是否在know_hosts文件中。
#!/bin/bash
#Jason Xiong: Dec 2013
# The ip or ipalias stored in known_hosts file is hashed and
# is not human readable.This script check if the supplied ip
# or ipalias exists in ~/.ssh/known_hosts file
if [[ $# != 2 ]]; then
echo "Usage: ./search_known_hosts -i ip_or_ipalias"
exit;
fi
ip_or_alias=$2;
known_host_file=/home/user/.ssh/known_hosts
entry=1;
cat $known_host_file | while read -r line;do
if [[ -z "$line" ]]; then
continue;
fi
hash_type=$(echo $line | sed -e 's/|/ /g'| awk '{print $1}');
key=$(echo $line | sed -e 's/|/ /g'| awk '{print $2}');
stored_value=$(echo $line | sed -e 's/|/ /g'| awk '{print $3}');
hex_key=$(echo $key | base64 -d | xxd -p);
if [[ $hash_type = 1 ]]; then
gen_value=$(echo -n $ip_or_alias | openssl sha1 -mac HMAC \
-macopt hexkey:$hex_key | cut -c 10-49 | xxd -r -p | base64);
if [[ $gen_value = $stored_value ]]; then
echo $gen_value;
echo "Found match in known_hosts file : entry#"$entry" !!!!"
fi
else
echo "unknown hash_type"
fi
entry=$((entry + 1));
done
第三种解决方法
如果您确定服务器是正确的,sed -i 1d ~/.ssh/known_hosts将删除您本地~/.ssh/known_hosts的第1行。下次连接时,新的正确密钥将添加到文件中。
第四种方法
步骤1:$ Bhargava.ssh#
ssh-keygen -R 199.95.30.220
step2:$ Bhargava.ssh#
ssh-copy-id hostname@199.95.30.220
Enter the the password.........
第3步:Bhargava .ssh#
ssh hostname@199.95.30.220
Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.13.0-68-generic x86_64) * Documentation: https://help.ubuntu.com/ Ubuntu 14.04.3 LTS server : 228839 ip : 199.95.30.220 hostname : qt.example.com System information as of Thu Mar 24 02:13:43 EDT 2016 System load: 0.67 Processes: 321 Usage of /home: 5.1% of 497.80GB Users logged in: 0 Memory usage: 53% IP address for eth0: 199.95.30.220 Swap usage: 16% IP address for docker0: 172.17.0.1 Graph this data and manage this system at: https://landscape.canonical.com/ Last login: Wed Mar 23 02:07:29 2016 from 103.200.41.50
主机名@ QT:〜$
第五种方法
有时也会出现在串行控制台上工作的情况,然后在详细模式下检查上面的命令-v会显示/dev /tty不存在,而它确实存在。
在上面的例子中,只需删除/dev /tty并在/dev /tty中创建/dev /ttyS0的符号链接。