Fix an RSA Host key error

SUMMARY

Fix an RSA Host key error

ISSUE

The purpose of this KB is to show you how to get around the RSA Host key error. You will see these errors when trying to log on to a source's machine from a target.


The RSA Host key error will look something like this:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!

Someone could be eavesdropping on you right now (man-in-the-middle attack)!

It is also possible that the RSA host key has just been changed.

The fingerprint for the RSA key sent by the remote host is

11:66:22:44:44:89:60:73:99:11:77:66:fe:00:66:00.

Please contact your system administrator.
 Add correct host key in /root/.ssh/known_hosts to get rid of this message.

Offending key in /root/.ssh/known_hosts:3

RSA host key for DPU_12345 has changed and you have requested strict checking.

Host key verification failed.

 

  1. In the "Offending key in /root/.ssh/known_hosts: 3" line, find the known_hosts number that is having the problem.  In this case, it is 3.  
  2. Change the X in the following command to the number found in the line known_hosts:​​​ 
    1. Change the command:  perl -pi -e 's/\Q$_// if ($. == X);' ~/.ssh/known_hosts
    2. to look like this:  perl -pi -e 's/\Q$_// if ($. == 3);' ~/.ssh/known_hosts
  3. Run this command through a SSH session.  This will clear the /root/.ssh/known_hosts file of the corrupt line of data, and allow you to SSH to the adjoining appliance again.  
  4. NOTE: Alternatively, you can also vi /root/.ssh/known_hosts in a SSH session and delete the offending line.  However, this is not as safe as running the command above.  

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us