I'm trying to setup password-less SSH on an Ubuntu server with ssh-copy-id myuser@myserver, but I'm getting the error:
Warning: the ECDSA host key for 'myserver' differs from the key for the IP address '192.168.1.123'
What's causing this, and how do I fix it? I tried deleting the .ssh directory on the remote machine, and running ssh-keygen -R "myserver" locally, but this doesn't resolve the error.
13 Answers
Remove the cached key for 192.168.1.123 on the local machine:
ssh-keygen -R 192.168.1.123 12 In my case ssh-keygen -R ... didn't fix the warning. I had extra information like this:
Offending key for IP in /home/myuser/.ssh/known_hosts:8
Matching host key in /home/myuser/.ssh/known_hosts:24I simply manually edited ~/.ssh/known_hosts and deleted line 8 (the "offending key"). I tried reconnecting, the host was permanently added, and everything was fine after that!
I do lots of ssh-ing around between my LAN computers and my two webhosting accounts, so I've sorted out all kinds of odds and ends with SSH, including authentication problems using ssh -v to see where and what went wrong.
Having just resolved this issue and not being happy with the answers, I wanted to really know "why" myself...
The trigger for my case is: installed new server OS at work and upon installing openssh-server package, a new set of host keys were generated on work's server. Previously, all of my server OSs were Ubuntu and this time it changed to Debian (and I suspect there is a nuanced difference in permissions).
When all OSs were Ubuntu and I reinstall a server's OS, upon the first SSH in to it, I get this kind of warning, which I prefer over the silent warning above!
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
06:ea:f1:f8:db:75:5c:0c:af:15:d7:99:2d:ef:08:2a.
Please contact your system administrator.
Add correct host key in /home/user/.ssh/known_hosts to get rid of this message.
Offending key in /home/user/.ssh/known_hosts:4
RSA host key for domain.com has changed and you have requested strict checking.
Host key verification failed.Then I open up ~/.ssh/known_hosts on the computer initiating the ssh, delete that line, reconnect and this happens:
chris@home ~ $ ssh work
The authenticity of host '[work]:11122 ([99.85.243.208]:11122)' can't be established.
ECDSA key fingerprint is 56:6d:13:be:fe:a0:29:ca:53:da:23:d6:1d:36:dd:c5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[work]:11122 ([99.85.243.208]:11122)' (ECDSA) to the list of known hosts.
Linux rock 3.2.0-4-amd64 #1 SMP Debian 3.2.51-1 x86_64That bit about :11122 is the port number I route SSH from on the firewall
I checked backups from a former Ubuntu server and diff'd against my new Debian install:
Ubuntu: Debian:
# Package generated configuration file # Package generated configuration file
# See the sshd(8) manpage for details # See the sshd_config(5) manpage for details
# What ports, IPs and protocols we listen for # What ports, IPs and protocols we listen for
Port 22 Port 22
# Use these options to restrict which interface # Use these options to restrict which interfaces
#ListenAddress :: #ListenAddress ::
#ListenAddress 0.0.0.0 #ListenAddress 0.0.0.0
Protocol 2 Protocol 2
# HostKeys for protocol version 2 # HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_dsa_key
------------------------------------------------ HostKey /etc/ssh/ssh_host_ecdsa_key
#Privilege Separation is turned on for security #Privilege Separation is turned on for security
UsePrivilegeSeparation yes UsePrivilegeSeparation yesSo yes, likely, the host started using ecdsa keys recently, which based upon Ubuntu's changes lately, I would blame on an update. Ubuntu's shift away from the rock-solid linux OS I counted on is why I installed Debian this time around.
I read a security.SE q/a on ecdsa and have already removed that line from sshd_config my new Debian server. (and ran service ssh restart)
I added the following lines to my ~/.ssh/config, thus disabling strict host checking for all .local addresses. (with DHCP address allocation, ip addresses of my local machines are always changing)
host *.local StrictHostKeyChecking noYou still get the warning, though, which is fine by me.
2The prompt occurs every time because the IP addresses change all the time when using dynamic addressing. Try to use static IP so you only have to add the key only once.
5ssh-keygen -f "/root/.ssh/known_hosts" -R 192.168.1.123
This should replace the existing keys under known_hosts.old and create a new one. This solution worked for me in the same scenario
1Are you using the same user for connecting?
If you are logged into a local PC like user John and connected to the server B like user Adolf@B and everything is OK, it does not mean that everything is OK if you are logged to local PC like user Jane and connecting to the server B like user Adolf@B.
If you want to login on server B as user Beda from PC A without password, try this command, all from PC A:
ssh-keygen -t rsaThis command generates the key and stores the key in the file. Please leave passphrase empty.
ssh Beda@B mkdir -p .sshThis command creates the directory, if they do not already exist. Otherwise, do not print an error message.
cd ~/.sshThis command changes the directory to your users home directory ./ssh.
cat id_rsa.pub | ssh Beda@B 'cat >> .ssh/authorized_keys'This command prints the file id_rsa.pub (your public key) into authorized_keys on the server.
IMPORTANT: Beda is your username on the server which you are connecting, B is your server IP.
Now, you can connect to the server B without a password or passphrase:
ssh Beda@B 1 The thread here may help.
Essentially, you want to remove both the RSA and ECDSA keys for that host, then use ssh-keyscan to put them back into your known_hosts file in a way that won't cause this conflict. It worked for me when I had the same issue.
Question: What's causing this, ...?
So the ssh server host key changed. What caused the change? It is hard to say. Here are some guesses:
- Did sshd on myserver start using ECDSA keys, so it is a new key type?
- Was myserver recently re-installed?
- Was sshd on myserver recently re-insalled so a new ssh host key was generated?
- Did someone re-generate or replace the sshd host key?
- Has the IP address of myserver changed so that a different host is answering to that IP address?
Question: ... and how do I fix it?
As others have already answered, remove the cached ECDSA host key for myserver that your account has cached.
1This error kept annoying me for a long time. For some reason it made a difference whether i would do a
ssh hostor
ssh host.domainthen pointed me to the option of changing the config file. See my script there for automating the process.
1I fixed this on a Chromebook by uninstalling and reinstalling Secure Shell... It worked like a charm.
2Here is how to remove a known host fingerprint (from known_hosts file) on a Chrome OS:
Find the index of the offending host entry in the ssh output when the connection fails. For example in the line below offending index is 7:
Offending ECDSA key in /.ssh/known_hosts:7Open the JavaScript console (CTRL+Shift+J) of Secure Shell window and type the following, replacing INDEX with the appropriate value (e.g. 7):
term_.command.removeKnownHostByIndex(INDEX);This solution was borrowed from Leo Gaggl's Blog.
At my side this happens due to something which I consider an ssh bug of newer (OpenSSH_7.9p1 and above) clients, when it tries to learn a more secure ecdsa server key where there already is an older rsa type key known. It then presents this misleading message!
I do not know a good fix for this, the only workaround I found is to remove all "good but old rsa keys" such that the client can re-learn the "new more secure ecdsa keys". So:
The first step is to remove all the good old RSA keys (Warning! This loses protection against MitM):
$ sed -i '/ ssh-rsa /d' ~/.ssh/known_hostsThe second step then is to re-learn all host keys, which must be done manually by connecting to each IP again using
ssh.
Edit for Windows:
On Windows there is no
sed, hence the best fix probably is to remove theknown_hostsfile withdel %USERPROFILE%\.ssh\known_hosts`Warning! This loses protection against MitM until all keys are re-learned.
Here is what I observe:
$ sftp test@136.243.197.100
Connected to test@136.243.197.100
sftp>
$ sftp
Connected to .
sftp> Now try to connect to a newly introduced alias of this same already known good server:
$ sftp
Warning: the ECDSA host key for 'gcopy.net' differs from the key for the IP address '136.243.197.100'
Offending key for IP in /home/test/.ssh/known_hosts:45
Matching host key in /home/test/.ssh/known_hosts:44
Are you sure you want to continue connecting (yes/no)? Please have a look at the IP address. It's the same IP as above! So it looks like the (good) key of the (known) IP suddenly is offending itself (it isn't, as the ssh client mixes two incompatible keys, see below).
Now we try to fix it:
$ ssh-keygen -R 136.243.197.100
# Host 136.243.197.100 found: line 45
/home/test/.ssh/known_hosts updated.
Original contents retained as /home/test/.ssh/known_hosts.oldLet's try again:
$ sftp
Warning: Permanently added the ECDSA host key for IP address '136.243.197.100' to the list of known hosts.
Connected to .
$ sftp
Warning: the RSA host key for 'valentin.hilbig.de' differs from the key for the IP address '136.243.197.100'
Offending key for IP in /home/test/.ssh/known_hosts:45
Matching host key in /home/test/.ssh/known_hosts:10
Are you sure you want to continue connecting (yes/no)? WTF? What happened here? The new fresh key learned from the server fails again? And the problem even switched sides?!?
Nope, it's not the key, nor the server. Everything is correct!
It's the ssh client which fails to verify the correct key!
Entry 45 in known_hosts now carries a key of type ecdsa-sha2-nistp256 while the key, which was pulled from the server by the client, is of type rsa-sha2-512 (and therefor cannot match the other key!).
$ sftp -v shows:
debug1: kex: host key algorithm: rsa-sha2-512while
$ sftp -v shows:
debug1: kex: host key algorithm: ecdsa-sha2-nistp256Apparently the
sshclient has a bug somewhere! It cannot cope with a host key existing in more than one variant! Or it falls into the trap to request an outdated variant of a key.
How to fix?
I really have no idea. This probably can only be fixed upstream.
But there is a manual but clumsy workaround:
You have to manually remove all traces of the old key of type rsa. The key in question is shown in the output, but it is not directly marked as the problem:
Warning: the RSA host key for 'valentin.hilbig.de' differs from the key for the IP address '136.243.197.100'
Offending key for IP in /home/test/.ssh/known_hosts:45
Matching host key in /home/test/.ssh/known_hosts:10check:
awk 'NR==45 { print $2 }' /home/test/.ssh/known_hosts
awk 'NR==10 { print $2 }' /home/test/.ssh/known_hostsgives
ecdsa-sha2-nistp256
ssh-rsaSo here the matching host key is the offending one and the offending key is the right one which must be kept! So let's remove the wrong (matching) one:
ssh-keygen -R valentin.hilbig.de
# Host valentin.hilbig.de found: line 10
/home/test/.ssh/known_hosts updated.
Original contents retained as /home/test/.ssh/known_hosts.oldNow check again:
$ sftp
The authenticity of host 'valentin.hilbig.de (136.243.197.100)' can't be established.
ECDSA key fingerprint is SHA256:tf7lwe10C2p1lK2UG9p//m/4sUBCpX+i9k5Ub63c6Os.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'valentin.hilbig.de' (ECDSA) to the list of known hosts.
Connected to .
sftp>
$ sftp
Connected to .
sftp>
sftp test@136.243.197.100
Connected to test@136.243.197.100.
sftp>YAY! Problem finally gone. But with several 100 entries in .ssh/known_hosts, this "solution" really becomes a major PITA (and an Error Prone Security Nightmare on Elm Street. YMMV.)