Linux,用ssh远程登陆错误的解决。
例子:[root@haha 桌面]# ssh 192.168.2.100
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:lOtTpz8W/OEchs5Ze+CdmyMXpVuU+5i/C04EZuKs0os.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:16
ECDSA host key for 192.168.2.100 has changed and you have requested strict checking.
Host key verification failed.
以上为报错内容
known_hosts是记录远程主机的公钥的文件,在ssh链接的时候首先会验证公钥,如果公钥不对,那么就会报错。比如重装了系统,而保存的公钥还是未重装系统的系统公钥。
解决 ①在本机中,将known_hosts文件中的与远程登录错误的IP的公钥删除即可,下面是我的机子的公钥(实则是之前系统的公钥),然后将其删除,再ssh 登录 great 登录成功了。
[root@haha .ssh]# vim known_hosts
可在浏览模式下,输入“/相应的地址”,查找并删除。
② 用shh-keygen 命令
比如我们要将192.168.2.100的公钥信息清除,使用命令(请自己将192.168.2.100替换成自己的IP或域名):
删除前,查看公钥信息,有2.100的信息
[root@haha ~]# ssh-keygen -R 192.168.2.100
# Host 192.168.2.100 found: line 27
/root/.ssh/known_hosts updated.
Original contents retained as /root/.ssh/known_hosts.old
再次查看公钥信息,没有192。168。2。100的公钥信息。
vim .ssh/known_hosts
完毕之后就可以了,再次登陆就后要求确认是否公钥,输入“yes“和密码:
[root@haha ~]# ssh 192.168.2.100
The authenticity of host ‘192.168.2.100 (192.168.2.100)’ can’t be established.
ECDSA key fingerprint is SHA256:lOtTpz8W/OEchs5Ze+CdmyMXpVuU+5i/C04EZuKs0os.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added ‘192.168.2.100’ (ECDSA) to the list of known hosts.
root@192.168.2.100’s password:
Last login: Mon Mar 8 14:23:53 2021 from 192.168.2.254
[root@web_1 ~]#