
I get this issue quite a bit in my homelab, and it’s expected as I frequently rebuild hosts, replace SSL certificates etc. The reason it happens is that the key to the IP address you’re connecting to is saved in the file, “known_hosts” from a previous session, and is now different to the one you are connecting to now.
nicholas@vwired-MBP ~ % ssh root@192.168.1.199
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:PmntgL/JHCr1KaYRZrWSw4juc5HO5McAk39hfksw70.
Please contact your system administrator.
Add correct host key in /Users/nicholas/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /Users/nicholas/.ssh/known_hosts:5
Host key for 192.168.1.199 has changed and you have requested strict checking.
Host key verification failed.
The fix is relatively simple; you need to remove that host entry from your “known_hosts” file.
ssh-keygen -R <Hostname or IP Address>
See my example below.
nicholas@vwired-MBP ~ % ssh-keygen -R 192.168.1.199
# Host 192.168.1.199 found: line 5
/Users/nicholas/.ssh/known_hosts updated.
Original contents retained as /Users/nicholas/.ssh/known_hosts.old
nicholas@vwired-MBP ~ %
I hope you found this helpful. Feel free to comment if you have any questions.
Follow @nmangraviti