报错信息
在工作中,如果使用ssh、scp命令做远程操作报错“WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!”
[root@ sa]# scp /export/www/jinxin/package/makedumpfile sa@172.16.1.1:/tmp/
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:KwkJporo8yl23VAfzVGlB53pN9vPQPnJotDG+ZiHzG8.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:376
ECDSA host key for 172.16.39.85 has changed and you have requested strict checking.
Host key verification failed.
lost connection
解决方法
其实这个报错也可以从提示中看出来,说的是远程主机标识已经改变,出现这种问题原因可能就是因为目标主机重装过系统,那源主机上之前访问目标主机而保存了标识证书,这次登陆的时候对比了一下之前的记录,发现变化了,校验不通过,就没法登录或者拷贝东西。
在源主机上清除本地缓存的目标主机证书
[root@ sa]# ssh-keygen -R 172.16.1.1
# Host 172.16.39.85 found: line 376
/root/.ssh/known_hosts updated.
Original contents retained as /root/.ssh/known_hosts.old