Tuesday, December 6, 2011

Dealing with strict key checking for SSH

Problem:

While using sftp (or some other ssh related service) the following warning shows up and we can't use the service:


@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
b0:a8:eb:30:ce:1a:0e:6a:4d:7a:6b:3a:0a:c6:27:60.
Please contact your system administrator.
Add correct host key in /Users/xxx/.ssh/known_hosts to get rid of this message.
Offending key in /Users/xxx/.ssh/known_hosts:28
RSA host key for web.sourceforge.net has changed and you have requested strict checking.
Host key verification failed.
Connection closed

Solution:

Remove the key by doing
sed -i "28 d" ~/.ssh/known_hosts

We know it is line 28, because that came up in the warning message.

No comments:

Post a Comment