SSH Warning: “REMOTE HOST IDENTIFICATION HAS CHANGED” – How to Fix It Easily
When you try to connect to a remote server via SSH and see this scary warning “WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!” like this:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!It means that the server’s identity (host key fingerprint) has changed since the last time you connected.
What Does This Mean?
SSH stores a fingerprint of the server in a file called ~/.ssh/known_hosts. This is to verify the server hasn’t changed (to protect you from “man-in-the-middle” attacks).
If the server’s IP address or host key changes (due to OS reinstall, SSH reconfiguration, or you connected to a different machine with the same IP), SSH warns you that something might be wrong.
Quick and Safe Solution (If You Trust the Server)
If you’re sure this is not an attack, and the server is under your control, the easiest way to fix it is:
Step 1: Remove the old SSH key
ssh-keygen -R 172.9x.xxx.xxThis removes the old fingerprint stored on your machine for that IP.
Step 2: Connect again
ssh hostname@172.9x.xxx.xxSSH will ask:
The authenticity of host '172.9x.xxx.xx' can't be established.
ECDSA key fingerprint is SHA256:...
Are you sure you want to continue connecting (yes/no)?Type yes, and it will save the new key and connect you.
Optional : If you need One-Liner Shortcut
You can combine both steps into a single command:
ssh-keygen -R 172.9x.xxx.xx && ssh hostname@172.9x.xxx.xxHappy Coding!!!