SSH – how to remove offending ssh key from known_hosts file

So I have demoted and removed my old CentOS server that was my rsync server. A new server has been installed and configured, and I am trying to run my rsync over SSH and getting this error message about a possible Man-in-the-Middle attack and a mismatch of SSH keys. Of course, I have changed the name but kept the same IP address for the new server. My other server is keeping the old SSH keys in its known_hosts file, and now when connecting they do not match :-). You do not want to delete the entire known_hosts file, and you do not want to disable this feature either. It is a very important feature, because it warns you if a Man-in-the-Middle attack really is taking place. There is an easy fix for this problem 😉


Here is how to remove the offending key. Once you remove the key, you will be prompted the first time you connect over ssh to add the newly detected key and IP to your known_hosts file.

### to see the keys in output (my case)
su
cat /root/.ssh/known_hosts

Here is the command line to remove my offending key for IP 10.0.4.74:

su
ssh-keygen -R 10.0.4.74

Now the offending, mismatched key is removed. You can reconnect with ssh, and you will be able to update your known_hosts file with the new and correct ssh key for the system 🙂
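As an added example (not part of the original post), this Python sketch shows which known_hosts lines a removal for one IP has to match, including hashed entries, and how the SHA256 fingerprint is derived so the new key can be compared with the one read on the new server's console before accepting it. The function names and the sample keys are constructed for illustration; wildcard patterns, `[host]:port` entries and `@` marker lines are not handled.

```python
import base64, hashlib, hmac

def fingerprint(key_b64):
    # Same form ssh-keygen -l prints: SHA256 of the raw key blob, base64 without '=' padding
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_matches(field, host):
    # Hashed entries (HashKnownHosts yes) look like |1|<salt>|<HMAC-SHA1(salt, host)>
    if field.startswith("|1|"):
        _, _, salt, mac = field.split("|")
        calc = hmac.new(base64.b64decode(salt), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(calc, base64.b64decode(mac))
    return host in field.split(",")  # plain entries: comma-separated names/IPs

def remove_host(text, host):
    # Returns (kept lines, [(key type, fingerprint)] of the removed entries)
    kept, removed = [], []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[0][0] not in "#@" and host_matches(parts[0], host):
            removed.append((parts[1], fingerprint(parts[2])))
        else:
            kept.append(line)
    return kept, removed

def sample_blob(seed):
    # Constructed, well-formed ssh-ed25519 public key blob (not a real host key)
    raw = b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + hashlib.sha256(seed).digest()
    return base64.b64encode(raw).decode()

def hashed_field(host, salt=b"constructed-salt-20b"):
    # Builds a hashed host field the way a hashed known_hosts line stores it
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

OLD, NEW, OTHER = sample_blob(b"old server"), sample_blob(b"new server"), sample_blob(b"other host")
SAMPLE = "\n".join([  # constructed known_hosts content
    "oldname,10.0.4.74 ssh-ed25519 " + OLD,
    hashed_field("10.0.4.74") + " ssh-ed25519 " + OLD,
    "10.0.4.80 ssh-ed25519 " + OTHER,
])

if __name__ == "__main__":
    kept, removed = remove_host(SAMPLE, "10.0.4.74")
    print("removed:", removed)
    print("kept:", kept)
    # Accept the new key only if this equals the fingerprint read on the new server's console
    print("new key:", fingerprint(NEW))
```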

