Purpose: The blog entry will explain how to resolve a fairly common warning that comes while using SSH on Linux to connect to other machines. SSH is client/server program that is used to securely connect to other machines over the network/internet. SSH stands for Secure Shell. It is a type of protocol.

The Warning message

So now let’s get started to see what warning are we talking about. Many time you must have seen a warning that shows up while using SSH like this:
debian:# ssh root@192.168.0.100
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
f0:37:af:f7:4d:41:39:13:ab:ac:12:59:13:81:82:d6.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:7
RSA host key for 192.168.0.207 has changed and you have requested strict checking.
Host key verification failed.
lost connection
debian:#

At this point of time you basically cannot connect to the remote machine.

Why does it happen

There are several reasons for that:

1. You keep moving your hard disk from one type of machine to another.

2. You are doing trial-and-error with different type of Linux install and are frequently swapping hard drive on a computer.

3.  For some reasons your DSA host key got changed. A DSA host key is unique for every single computer.

4. Others…

The Solution

If you are pretty sure that there is no security breach in the remote machine that you are trying to connect, simply give the  command if you are trying to connect as a ‘root’ user:

debian:# rm /root/.ssh/know_hosts

If you logged in as a regular user with username ‘kushalk’ then give the following command:

debian:# rm /home/kushalk/.ssh/know_hosts

Once you delete the file you can simply give the command that you were trying to give earlier to connect to:

debian:# ssh root@192.168.0.100

Basically every computer (the remote computer) generates a DSA host key when you install ssh program. And then when any other computer (just like in this case) connects to this machine it stores the identification key in the file ‘know_hosts’ that we just deleted. Now if due to the above mentioned reasons if the DSA host key on the remote computer gets changed your computer gives the above warning message.

Also the above warning message can also appear while using scp – Secure copy:

debian:# scp <file-name> root@192.168.0.100:

The solution is same for this also. SCP is just a program which in turns uses ssh to connect and transfer the file.

You can install SSH program in debian like this:

# apt-get install ssh

Enjoy SSH’ing.

As usual, please leave a comment/feedback if you have any. Comments encourages bloggers to post more and keep their spirits high.

Also don’t forget to rate this post below.

Be Sociable, Share!