I had a situation when I tried to SSH into one of the server, I received the error message below. Basically the server had generated a new SSH RSA host key that doesnt match with the old one stored on my MacBook Pro.
;
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is 21:79:38:2d:2c:3d:f0:08:5d:e5:a6:a0:3f:af:a1:0a. Please contact your system administrator. Add correct host key in /Users/root/.ssh/known_hosts to get rid of this message. Offending key in /Users/root/.ssh/known_hosts:7 RSA host key for x.x.x.x has changed and you have requested strict checking. Host key verification failed.
;
Mac OSX keeps SSH keys in /Users/root/.ssh directory, and this needs to be updated. The currently cached keys are in known_hosts file.
MBP:.ssh root$ cd /Users/root/.ssh
MBP:.ssh root$ ls
known_hosts known_hosts.old
;
I can verify the content of know_hosts file, it only keeps the host name or IP Address and RSA keys.
MBP:.ssh root$ more known_hosts 1.1.1.1 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCd+tMZOp9wAABMPQFBrJhW7IWH+zwNcbBzK2h7RI54nKAEBo6vm08YBXuql/En45kLI/O0NYd6Le0nfXU86kcwjdzFzV4B70XBCa7xv1qwoHu1Rnuy9DIKHpfQhlHSBVJRObcDk8UeVxe0YkwwP4F97nDa3cREfhiHWuDInSNrPw== 2.2.2.2 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDDn06aNBc6LE4yW2AoEWu+WQj6d7xW3sQzUCmNiwU+pEWJcIM9cWm+smXnHdYwO7AU5tQwDpO5MLeAf5OvfQ7DshNams0aoFPVUD07ZiqN0yIwo3WrmTdDcW1E2Of6LyT+4fOCeNG61LnCxu1yBDH4/E9uqUNxIu3AQal8F73zNw== 3.3.3.3 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCFxyyjHBM1JTVr95E3J3uWE0dh5j2J3pGIUFddimpkbtP/P3tv+JiFLRIXuLv2z5FGEPMNm0GzIeZBzrIaP3mncMbzo2Sebre41nvC9+22L9h5ib9ikYR4qAkvkNGz9qxFVcBfPND+h42t0AVMsvxhpoZCRlrKRxG8opnjhQESXw== 4.4.4.4 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDKi/lQGTSlJpEAdiLtQiUBbdSnXPX5UBSTmxHplXE4TAHnZ4RqKIFSHn5ksFAQzs7APm23bzbA0GgmGStBmAZxRZRJgHaNIdcNjETVzW/ATozx3xEtDKuEp6NpnIjwUVqbWAGzdj8zNpEJoyTT9veSgkYXKgLW6iIVvlLblWFf5Q== 5.5.5.5 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC0Y67bfOEoPOpy48mzOYyXmh49zCQORKg9UGWclK+RQEMtGZEysWskH6Rja4K72sloKfaS3QoDbEr8FGD2jzh27LakiUQYs2MOMimvfkZkBx0aztHA5UH/cPMnmpRsj+U63oMZxFywK2aqtJ00rWALD28bR0XIvQOijyzY1BY2Uw== 6.6.6.6 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCd+tMZOp9wAABMPQFBrJhW7IWH+zwNcbBzK2h7RI54nKAEBo6vm08YBXuql/En45kLI/O0NYd6Le0nfXU86kcwjdzFzV4B70XBCa7xv1qwoHu1Rnuy9DIKHpfQhlHSBVJRObcDk8UeVxe0YkwwP4F97nDa3cREfhiHWuDInSNrPw== 7.7.7.7 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAyX9MpBiPda4BJNX9Sun/07RAAb38SoGSWPeUTscWhpMdfp4X4whhMkCWNIfphKguywc7cMBB23+fEWaJ9U0znDV8tkWEEBecQaEnreZ3Xqo8HK6BC
;
Theoretically I can remove lines from this file but there is a command to remove the specific host RSA Key.
MBP:~ root$ ssh-keygen -R x.x.x.x /Users/root/.ssh/known_hosts updated. Original contents retained as /Users/root/.ssh/known_hosts.old
;
Now my RSA key for the remote server has been updated and key has been move to known_hosts.old file. And I can accept the new SSH RSA key.
MBP:~ root$ ssh -l root x.x.x.x The authenticity of host 'x.x.x.x (x.x.x.x)' can't be established. RSA key fingerprint is 21:79:38:2d:2c:3d:f0:08:5d:e5:a6:a0:3f:af:a1:0a. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'x.x.x.x' (RSA) to the list of known hosts. Password:
;