Background

I have a remote server and have reinstalled the system via a browser.

Symptom

After I added the ssh public key to the new remote server from my browser, I tried to login from my computer using the terminal, but it failed and showed the following error:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:7ODakED63JRWjxUNhSEYZb5K7evWP4eeYwh.
Please contact your system administrator.
Add correct host key in /Users/username/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /Users/username/.ssh/known_hosts:41
Host key for 192.168.0.100 has changed and you have requested strict checking.
Host key verification failed.

Reason

When we connect to the server via SSH, ssh will get a fingerprint of the ECDSA key and save it to the home directory under ~/.ssh/known_hosts at the first time. SSH will query the file every time you connect to that server after that. After I have changed the server, the fingerprint has been changed, so it’s not the same with the local in the file known_hosts.

Soultion

Use ssh-keygen

Both hostname and ip will work after ssh-keygen -R

1

ssh-keygen -R 192.168.0.100

Remove the record in the file ~/.ssh/known_hosts

Open the file ~/.ssh/known_hosts and remove the record about the ip 192.168.0.100.