Dev Tips : SSH Keys - Remote Host Identification Has Changed

SSH Keys in a network testing environment

Posted on July 30, 2021

SSH keys are fantastic - I use them for everything I possibly can - source control, accessing my servers and connecting to the Raspberry Pis that I've got littered around the house doing everything from monitoring the network, blocking ads and serving media content to serving websites.

But what do you do when you come across an error like this :

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:HsB4pgtZ3J87FxxxxxxxxxxxxxxxxxxxxaVTtLBce4mCAAPE.
Please contact your system administrator.
Add correct host key in C:\\Users\\carl/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in C:\\Users\\carl/.ssh/known_hosts:6
ECDSA host key for 192.168.0.199 has changed and you have requested strict checking.
Host key verification failed.

On a local network where you regularly create and add devices for testing, you'll occasionally come across the situation I did: an IP address on the local range has been re-used for a new Raspberry Pi or virtual machine, and the new machine's host key is different from the one recorded for that address.

In a world where the IP addresses of these machines can change on a regular basis, this can become problematic. SSH keeps a file that is updated whenever you connect to a new SSH server and accept its key. It acts as your own local machine's certificate authority: it holds a list of all the SSH servers you have connected to and deemed trustworthy, along with their public keys, each stored against a DNS name or an IP address.

This file is stored in the .ssh folder in your home directory: ~/.ssh/known_hosts. On Windows this is usually at c:/Users/<username>/.ssh/known_hosts.

If you find that you're connecting to a new machine, or to a machine WHERE YOU TRUST that the SSH key change is legitimate, you can edit this file and delete the line relating to the IP address or DNS name of the server you are trying to connect to. The warning tells you which line that is: "known_hosts:6" in the message above means line 6. You may need to do this in Administrator mode (Windows) or as a sudo command on *nix.

On Windows: open Notepad in Administrator mode (as a shortcut you can hold Ctrl + Shift while you open the program)

On Linux/Mac, in a terminal window you can run: sudo nano ~/.ssh/known_hosts

Once you've removed the offending line, save and close the file and re-connect, and you should be away. Do you have a better way of managing SSH keys? I would love to know more; please drop me a tweet at twitter.com/carlcod_es
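When the HashKnownHosts option is enabled, the IP address never appears in known_hosts in readable form, so searching the file for 192.168.0.199 finds nothing. The sketch below is an added example, not code from this post: it finds and drops a host's entries in plain or hashed form and reports each removed key's fingerprint in the same SHA256 format as the warning. The sample file contents, key blobs and host names are constructed, and wildcard host patterns are not handled.

```python
import base64, hashlib, hmac

def host_matches(field, host):
    """True if a known_hosts host field names `host` exactly (no wildcard support)."""
    if field.startswith("|1|"):  # HashKnownHosts form: |1|salt|HMAC-SHA1(salt, host)
        _, _, salt_b64, mac_b64 = field.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    return host in field.split(",")  # plain form: comma-separated names and IPs

def fingerprint(key_b64):
    """SHA256 fingerprint in the same format as the ssh warning."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def remove_host(lines, host):
    """Return (kept_lines, removed), removed = [(line_no, key_type, fingerprint)]."""
    kept, removed = [], []
    for line_no, line in enumerate(lines, 1):
        parts = line.split()
        # Comments, blanks and @cert-authority/@revoked marker lines are left untouched.
        if len(parts) >= 3 and parts[0][0] not in "#@" and host_matches(parts[0], host):
            removed.append((line_no, parts[1], fingerprint(parts[2])))
        else:
            kept.append(line)
    return kept, removed

# Constructed sample data: the key blobs are placeholder bytes, not real host keys.
def _blob(label):
    return base64.b64encode(label.encode()).decode()

def _hashed(host, salt=b"constructed-salt-000"):
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

SAMPLE = [
    "# constructed known_hosts content",
    "git.example ssh-ed25519 " + _blob("constructed key A"),
    _hashed("192.168.0.199") + " ecdsa-sha2-nistp256 " + _blob("constructed old Pi key"),
    "192.168.0.50,nas.local ssh-ed25519 " + _blob("constructed key B"),
]

if __name__ == "__main__":
    kept, removed = remove_host(SAMPLE, "192.168.0.199")
    for line_no, key_type, fp in removed:
        print("removing line %d: %s %s" % (line_no, key_type, fp))
    print("%d lines kept" % len(kept))
```

OpenSSH's own `ssh-keygen -R 192.168.0.199` performs the same removal on the real file and keeps the previous version as known_hosts.old. When you reconnect, compare the fingerprint ssh shows with one read on the device itself before accepting it.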

Happy secure-shelling!