Tip: Remove bad SSH Key with an easy command

Ok, so most of us have run into the dreaded "Remote host identification has changed" warning before, which in turn makes us dig through our known_hosts file and delete that remote key entry. Wouldn’t it be nice if you didn’t even have to touch that file? Here is a quick command that saves you some time and removes that bad entry.

So you SSH'd into your remote machine, just to find the following warning:

Terminal Output:

office:~ thomasfraley$ ssh Hostname.domain.net
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The RSA host key for hangout.homeip.net has changed,
and the key for the corresponding IP address 192.168.71.89
is unknown. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
87:7b:d3:35:42:fb:b9:b2:66:ee:3c:27:b4:17:a1:f8.
Please contact your system administrator.
Add correct host key in /Users/thomasfraley/.ssh/known_hosts to get rid of this message.
Offending RSA key in /Users/thomasfraley/.ssh/known_hosts:2
RSA host key for hangout.homeip.net has changed and you have requested strict checking.
Host key verification failed.
office:~ thomasfraley$

 

At this point we would normally head over to our known_hosts file and delete the entry, using vim, nano or a GUI text editor on our local machine.

On most Linux distros it can be found under
    /root/.ssh/known_hosts or ~/.ssh/known_hosts on your Mac

 

How about we skip all of that and save some time with a short, simple command:

ssh-keygen -R "hostname or IP"

Examples, depending on whether your entry was added as a hostname or an IP address:

  • ssh-keygen -R hostname.domain.net

  • ssh-keygen -R 192.168.71.89

 

Terminal Output:

office:~ thomasfraley$ ssh-keygen -R Hostname.domain.net
Host hangout.homeip.net found: line 2 type RSA
/Users/thomasfraley/.ssh/known_hosts updated.
Original contents retained as /Users/thomasfraley/.ssh/known_hosts.old
office:~ thomasfraley$
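The warning shown earlier is also what a man-in-the-middle looks like, so it pays to confirm the new key before dropping the old entry. The script below is an added example, not part of the original post: it wraps ssh-keygen -R so the stale entry is replaced only when the server's new key matches a fingerprint obtained out-of-band. The function names, the rhk_ variables and the return codes are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post. Replace a stale known_hosts entry
# only when the server's new key matches a fingerprint obtained out-of-band.

# fingerprint_of KEYFILE: print the SHA256 fingerprint of the first key in
# KEYFILE (a .pub file or a known_hosts-format line such as ssh-keyscan output).
fingerprint_of() {
    ssh-keygen -l -E sha256 -f "$1" 2>/dev/null | awk 'NR == 1 { print $2 }'
}

# rotate_host_key HOST NEWKEY_FILE EXPECTED_FP [KNOWN_HOSTS]
#   NEWKEY_FILE holds one line in known_hosts format: "host keytype base64".
#   0 = old entry removed, verified key stored
#   1 = fingerprint mismatch, known_hosts left untouched
#   2 = usage or tool error, known_hosts left untouched
rotate_host_key() {
    rhk_host=$1 rhk_new=$2 rhk_want=$3
    rhk_file=${4:-$HOME/.ssh/known_hosts}

    # Exactly one candidate key, so the key we verify is the key we store.
    [ -n "$rhk_want" ] && [ -r "$rhk_new" ] || return 2
    [ "$(grep -c . "$rhk_new")" -eq 1 ] || return 2

    rhk_got=$(fingerprint_of "$rhk_new")
    [ -n "$rhk_got" ] || return 2
    if [ "$rhk_got" != "$rhk_want" ]; then
        echo "REFUSING: $rhk_host offers $rhk_got, expected $rhk_want" >&2
        return 1
    fi

    # Same command as in the post; -f selects the file, and the previous
    # contents are kept next to it as known_hosts.old.
    ssh-keygen -R "$rhk_host" -f "$rhk_file" >/dev/null 2>&1 || return 2

    # Store the verified key under the name we actually connect to.
    awk -v h="$rhk_host" 'NF >= 3 { print h, $2, $3 }' "$rhk_new" >> "$rhk_file"
}
```

A candidate key file can be produced with `ssh-keyscan -t ed25519 hostname.domain.net > newkey`; the expected fingerprint should come from the server's console or its administrator, not from the same network path.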

 

Thomas Fraley
I am a tech enthusiast whose main focus is making technology easy again for everyone. Educated with degrees in network engineering and project management. I've worked in the entertainment industry for a decade as a director of information technology for global companies pioneering the way. A few years ago I decided to give back and have been helping young entrepreneur startups off on the right foot.
www.lifewithtech.net