[root@centos7 data]# scp ./redhat-release.gpg root@10.0.0.8:/root
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:r4COfaGRW6a9yYrF2tQRnKeZbPJj1UKfJyBBfliBJPw.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:2
ECDSA host key for 10.0.0.8 has changed and you have requested strict checking.
Host key verification failed.
lost connection
[root@centos7 data]#
查看上面的提示信息,提到了ECDSA 主机密钥已经改变了,需要重新验证;解决方法如下:
[root@centos7 ~]# cat .ssh/known_hosts
10.0.0.100 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDZ
2U70/h64gLIwwkU/aDMNS3iojTZKjJEWJLhgYMR1UuzAZ0U8+2CET+LOSLNfzKwu/HsZ+RLVY1anKbl8GaoM=
10.0.0.8 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAJAD
BLVf9YypCk5SyI6SqsVLJ3sgSBR8LY7iC3kExg17RaybzCgxqQhEP7+RuOerMlgSJpBGmE/8dMBhC4cKMc=
删除对应的IP地址,即10.0.0.8的ECDSA:
[root@centos7 ~]# cat .ssh/known_hosts
10.0.0.100 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBDZ
2U70/h64gLIwwkU/aDMNS3iojTZKjJEWJLhgYMR1UuzAZ0U8+2CET+LOSLNfzKwu/HsZ+RLVY1anKbl8GaoM=
[root@centos7 ~]#
重新连接生成ECDSA:
[root@centos7 ~]# scp /data/redhat-release.gpg 10.0.0.8:/data/
The authenticity of host '10.0.0.8 (10.0.0.8)' can't be established.
ECDSA key fingerprint is SHA256:r4COfaGRW6a9yYrF2tQRnKeZbPJj1UKfJyBBfliBJPw.
ECDSA key fingerprint is MD5:d5:15:30:7a:f6:d9:d6:4b:4d:e0:28:13:9b:ce:4f:ac.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.0.8' (ECDSA) to the list of known hosts.
root@10.0.0.8's password:
redhat-release.gpg 100% 85 60.0KB/s 00:00