如何正确移除旧ssh键
如何正确移除旧ssh键
提问于 2014-10-02 16:56:25
我有一个动态创建Amazon实例的脚本,并将它们的ssh键添加到我的~/.ssh/ EC2 _hosts中。但是,每当我需要通过终止和重新创建实例来刷新实例时,我都会收到如下令人讨厌的警告消息:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
<fingerprint>.
Please contact your system administrator.
Add correct host key in ~/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in ~/.ssh/known_hosts:94
remove with: ssh-keygen -f "~/.ssh/known_hosts" -R <hostname>
Password authentication is disabled to avoid man-in-the-middle attacks.
Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.警告是可以理解的,但是即使我运行该命令来删除旧键,登录仍然会给我警告:
Warning: Permanently added '<hostname>' (ECDSA) to the list of known hosts.
Warning: the ECDSA host key for '<hostname>' differs from the key for the IP address '<ip>'
Offending key for IP in ~/.ssh/known_hosts:96解决方案是手动删除我的known_hosts中的行,但是是否有一种方法可以通过预先运行一个命令来实现自动化呢?
回答 1
Server Fault用户
发布于 2014-10-02 17:09:51
来自man ssh-keygen (SSH(1))
-R主机名从known_hosts文件中移除属于主机名的所有键。此选项对于删除散列主机非常有用(请参阅上面的-H选项)。
试试这个:
ssh-keygen -R hostname [-f known_hosts_file]
页面原文内容由Server Fault提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://serverfault.com/questions/633109
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号