问题出现:服务器意外挂掉,重装之后,我本地远程发现错误:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
9d:xx:34:xx:5c:xx:49:xx:b4:xx:17:xx:07:xx:df:xx.
Please contact your system administrator.
Add correct host key in /home/xx/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/xx/.ssh/known_hosts:1
remove with: ssh-keygen -f "/home/xxxxx/.ssh/known_hosts" -R 192.168.xxx.xxxx
ECDSA host key for 192.168.xx.xx has changed and you have requested strict checking.
Host key verification failed.
很费解,明显是公钥出了问题。之前一直不知道 .ssh/known_hosts 有啥用,甚至直接删除了,没想到遇到了问题。
看到这个log中出现了一个很明显的可操作的指令,就备份了.ssh/known_hosts ,按照
# ssh-keygen -f "/home/xxxxx/.ssh/known_hosts" -R 192.168.xxx.xxxx
执行了一下,很给力,再次远程成功了。
事实上,我有查过网上资料,但对于如何查找.ssh/known_hosts 中哈希方式的对应的符号,还是没看清楚,就不再执着于此,做一次备份和执行一次最清晰的提示。
ubuntu允许远程ssh登录:http://www.linuxdiyf.com/linux/14055.html
Ubuntu安装denyhosts防止暴力破解远程SSH:http://www.linuxdiyf.com/linux/696.html
如何在Linux上用一次性密码确保SSH登录安全?:http://www.linuxdiyf.com/linux/10991.html
Windows平台SSH登录Linux并使用图形化界面:http://www.linuxdiyf.com/linux/6050.html