Linux Administration Cookbook
上QQ阅读APP看书,第一时间看更新
上一章目录下一章

How it works...

The ssh-keygen command we used is a quick way of placing expected host keys in the default location. Because we'd removed the key we expected to be there, we would have failed to connect to our host, and been prompted with the horrible error we saw previously:

<SNIP>
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:zW4PXt4o3VRA/OiePUc4VoxBY50us9vl2vemgcrLduA
debug3: hostkeys_foreach: reading file "/home/vagrant/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/vagrant/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 192.168.33.11
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
<SNIP>

In the preceding snippet, we can see SSH checking our known_hosts file, then getting the key from the remote host, and finally throwing a fit.

To reconnect to the host, we simply had to remove the offending entry from the known_hosts file on our client-side, and then attempt our connection again.

We used -R to remove the offending key, but you can use any method to do so as it's just a text file. If you wish you can even empty the entire known_hosts file, but this will also mean you'll have to accept keys for every box you've ever connected to, once again.
上一章目录下一章