文章内容
2025/12/23 17:58:08,作 者: 黄兵
WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED
在上篇文章,我们通过 Windows PowerShell 设置了 SSH Key,并配置 Ubuntu VPS 密钥登录:Windows 电脑上生成 SSH Key 并设置密钥登录
但是最近重新安装了操作系统,并按照上面的文章重新设置密钥登录,传递到 Ubuntu 服务器的时候,出现了:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is SHA256:/T/PD1Axva7fNV4nYCiMZQI/9BIXWjCmUnkjHT/B50I.
Please contact your system administrator. Add correct host key in C:\\Users\\PC/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in C:\\Users\\PC/.ssh/known_hosts:17
Host key for example.com has changed and you have requested strict checking.
Host key verification failed.
这是 SSH 主机指纹变更 的典型提示,在你当前场景下几乎可以确定是正常情况,并非真正的中间人攻击。
服务器重装 / OpenSSH 重装 / Docker / 证书与 SSH 配置变更,服务器的 SSH Host Key 已发生变化,而 Windows 端缓存了旧指纹,因此触发了该警告。
出现问题的原因
SSH 会把每台服务器的 Host Key 缓存在本地:
C:\Users\PC\.ssh\known_hosts
一旦出现以下任一情况,就会触发该错误:
-
服务器重装系统
-
OpenSSH 重新安装
-
/etc/ssh/ssh_host_*被重新生成 -
IP 指向了另一台机器
-
云厂商迁移实例
解决方案
✅ 只删除这一台主机的旧指纹(最安全)
在 PowerShell 执行:
ssh-keygen -R example.com
如果你是用 IP 连接:
ssh-keygen -R 服务器IP
执行后会提示类似:
# Host example.com found: line 17 # Host key removed.
然后重新连接:
ssh [email protected]
你会看到:
The authenticity of host 'example.com (...)' can't be established. ED25519 key fingerprint is SHA256:... Are you sure you want to continue connecting (yes/no)?
输入:
yes
即可。
其它相关推荐:
1、permission denied while trying to connect to the Docker daemon socket
5、Disconnected : No supported authentication methods available (server sent :publickey)
评论列表