解决服务器更换主机后,SSH RSA密钥校验失败的问题


最近有一台服务器出现内存校验问题,于是物理更换了服务器主机。在更换完成后,远程管理服务的一些脚本不能正常执行了,出现下面的错误信息。

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
39:XX:XX:XX:2c:1b:8d:73:a6:26:01:25:c7:17:c6.
Please contact your system administrator.
Add correct host key in /home/leo/.ssh/known_hosts to get rid of this message.
Offending key in /home/leo/.ssh/known_hosts:4
RSA host key for 10.XX.XX.XX has changed and you have requested strict checking.
Host key verification failed.
lost connection

出现这个错误的原因是服务器更换了,SSH的RSA密钥也变更了,需要更新密钥信息。
按照提示信息,修改远程管理服务脚本所在服务器的known_hosts文件,即解决问题。
找到更换服务器IP地址对应的RSA信息,删除即可。

[leo@espc01 ~]$ vim .ssh/known_hosts

重新连接服务器,获取新的RSA密钥

[leo@espc01 ~]$ ssh leo@10.XX.XX.XX
The authenticity of host ’10.XX.XX.XX (10.XX.XX.XX)’ can’t be established.
RSA key fingerprint is 39:XX:XX:XX:78:2c:1b:8d:73:a6:26:01:25:c7:17:c6.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ’10.XX.XX.XX’ (RSA) to the list of known hosts.
leo@10.XX.XX.XX’s password:

连接成功后,新的RSA密钥信息会再次保存到~/.ssh/known_hosts文件中。今后脚本程序需要连接服务器的时候,不再出现错误信息。

Advertisements

发表评论

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / 更改 )

Twitter picture

You are commenting using your Twitter account. Log Out / 更改 )

Facebook photo

You are commenting using your Facebook account. Log Out / 更改 )

Google+ photo

You are commenting using your Google+ account. Log Out / 更改 )

Connecting to %s