ssh错误：REMOTE HOST IDENTIFICATION HAS CHANGED

小白今天用ssh命令进行远程服务器跳转的时候，出现了一个报错：

linux101:/home/wsj # ssh oracle@10.141.52.101

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
06:7f:ff:b6:3d:c1:c3:2d:0a:19:15:9f:f0:08:0c:89.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:41
RSA host key for 10.141.52.101 has changed and you have requested strict checking.
Host key verification failed.

 

进入linux101服务器查看文件/root/.ssh/known_hosts有这么一行：

10.141.52.101 ssh-rsa AARX3NzaC1yc2EAAAABIwAAAIEA5sBzOOAG6O7TVoQxDjk3AANDVMuNPkrOJWarZuP9kMfcA1u3gmt5yoMJc7M4j0rf+ff9s+090Y3WZ7RGdQQ8FAqGc2O0zXLNUeVv9atczzJEd3RAzHtcGgZlsG3AXv5ULp3mzSp3RqxqSC0tKH+K2VxJYBy73zn5vXYfJRjC00=

将这一行删除，再执行

linux101:/home/wsj # ssh oracle@10.141.52.101
The authenticity of host '10.141.52.101 (10.141.52.101)' can't be established.
RSA key fingerprint is 06:3d:c1:197f:ff:2d:0a::f0:08:0c:89b6::15:9fc3:.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.141.52.101' (RSA) to the list of known hosts.
Authorized users only. All activity may be monitored and reported.
Last login: Tue Dec 10 22:41:06 2013 from 10.141.24.78
Authorized users only. All activity may be monitored and reported.

 

问题追踪：在ssh命令使用过程中，会去~/.ssh/known_hosts中去进行密码鉴权.一般情况下，一个IP对应的鉴权密钥是不会发生变化的，除非

1.  人为改动（可能性较小）

2.  系统被部分重装过(比如重装数据库)

3. 此IP为双机或者集群中的浮动IP，在业务运行中，若发生切换，浮动IP绑定的固定IP发生变化，就会引起ssh命令执行的失败