一、问题想象:IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:K24W0Pw1TOIp+xXAOGpF19OVDi56FdhURPwXExCz9HE.
Please contact your system administrator.
Add correct host key in C:\\Users\\Admin/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in C:\\Users\\Admin/.ssh/known_hosts:1
ECDSA host key for 192.168.224.128 has changed and you have requested strict checking.
Host key verification failed.
Connection closed
二、原因:ssh会把每个你访问过计算机的公钥(public key)都记录在本地~/.ssh/known_hosts。当下次访问相同计算机时,OpenSSH会核对公钥。如果公钥不同,OpenSSH会发出警告, 避免你受到DNS Hijack之类的攻击。
一台主机上有多个Linux系统,会经常切换,那么这些系统使用同一ip,登录过一次后就会把ssh信息记录在本地的~/.ssh/known_hsots文件中,切换该系统后再用ssh访问这台主机就会出现冲突警告。
三、解决方案:
1. 手动删除修改known_hsots里面的内容;【建议这个,本人只使用过这个】
2. 修改配置文件“~/.ssh/config”,加上这两行,重启服务器。
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
优缺点:
1. 需要每次手动删除文件内容,一些自动化脚本的无法运行(在SSH登陆时失败),但是安全性高;
2. SSH登陆时会忽略known_hsots的访问,但是安全性低;