SSH: Host Key Verification Failed
spanky@zen:~$ ssh user@host
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
30:82:36:ff:f4:78:e9:c9:df:94:8b:41:35:f6:2b:a4.
Please contact your system administrator.
Add correct host key in /home/spanky/.ssh/known_hosts to get rid of this message.
Offending key in /home/spanky/.ssh/known_hosts:5
RSA host key for [host]:22 has changed and you have requested strict checking.
Host key verification failed.
spanky@zen:~$
When you update OpenSSH server, timetimes it will change the host fingerprint. This means you will find yourself getting the above error on any host that you have saved the host fingerprint on. The fingerprint is designed to verify that you are indeed connecting to the host that you say you are. As the warning suggests, it can detect man-in-the-middle attacks. However, if you know that you are getting this because you updated software (or you have regenerated the host fingerprint manually), you probably just want to be able to connect to the server again!
You may already know that host fingerprints are stored in ~/.ssh/known_hosts. The problem can sometimes be that the individual entries are not stamped by host. Well, they don’t need to be, they are unique entries. So how do we know which one to delete? The line:
Offending key in /home/spanky/.ssh/known_hosts:5
Actually tells us that the key is indeed stored in ~/.ssh/known_hosts, AND it is on line 5. If you open up the file in vi, you will probably find each it looks like there are many more than 5 lines. Don’t worry, it’s just wrapping the line. Just count down to line 5 (alternatively, use :set numbers to see the line numbers - press the colon key, then type “set numbers” and hit enter). Then hit “dd” to delete the line”. :wq (colon then “wq”) to save the file and exit, and you should be sorted!