WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! 解决方法

今天在 Jenkins 上使用 salt 监控的主机返回 Minion did not return. [Not connected],显示 minion 端连接失败,就尝试使用 ssh 直接连接主机看看,然后报了下面的错:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:WD831i/lF/k5pFzATjGUpOno2sjJHh5WwrGU5ELMIIQ.
Please contact your system administrator.
Add correct host key in /home/salt/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/salt/.ssh/known_hosts:64
ECDSA host key for 172.30.125.39 has changed and you have requested strict checking.
Host key verification failed.

根据提示信息显示,远程主机的公钥已被更改,因此无法连接远程主机。在使用 ssh 连接时,会将远程主机提供的公钥存储在本地 $HOME/.ssh/known_hosts 文件中。而如果远程主机的公钥信息被更改了,则由于本地公钥信息与远程主机的不匹配而无法连接,此时只需删除本地存储的公钥信息即可。
按如下操作删除原有公钥后再次连接,提示询问时输入 yes 即可登录远程主机

[salt@master ~]$ ssh-keygen -R 172.30.125.39
# Host 172.30.125.39 found: line 64
/home/salt/.ssh/known_hosts updated.
Original contents retained as /home/salt/.ssh/known_hosts.old
[salt@master ~]$ ssh log@172.30.125.39
The authenticity of host '172.30.125.39 (172.30.125.39)' can't be established.
ECDSA key fingerprint is SHA256:WD831i/lF/k5pFzATjGUpOno2sjJHh5WwrGU5ELMIIQ.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.30.125.39' (ECDSA) to the list of known hosts.
log@172.30.125.39's password: 

也可进入 $HOME/.ssh/known_hosts 文件中手动删除相应的原有公钥信息。

你可能感兴趣的:(Linux)