问题现象

SSH登录远程服务器失败,提示信息如下:

  1. ~ ssh root@172.16.0.17
  2. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
  3. @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
  4. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
  5. IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
  6. Someone could be eavesdropping on you right now (man-in-the-middle attack)!
  7. It is also possible that a host key has just been changed.
  8. The fingerprint for the RSA key sent by the remote host is
  9. SHA256:qH+TOjxHIA7fxPyzFhfIJANIqe8Yj5ULUeKhucKO/lM.
  10. Please contact your system administrator.
  11. Add correct host key in /Users/shanshui/.ssh/known_hosts to get rid of this message.
  12. Offending RSA key in /Users/shanshui/.ssh/known_hosts:28
  13. RSA host key for 172.16.0.17 has changed and you have requested strict checking.
  14. Host key verification failed.

报错原因

17服务器近期迁移了,系统信息发生变更,现有的knownHost信息与新的服务器不匹配,故报错;

解决办法

  1. 删除konown Host信息,进入.ssh目录,删除文件;
  2. 使用ssh-keygen -R 172.16.0.x重置konwn host信息; ``` ~ ssh-keygen -R 172.16.0.17

    Host 172.16.0.17 found: line 28

    /Users/shanshui/.ssh/known_hosts updated. Original contents retained as /Users/shanshui/.ssh/known_hosts.old ➜ ~ ssh root@172.16.0.17 The authenticity of host ‘172.16.0.17 (172.16.0.17)’ can’t be established. ECDSA key fingerprint is SHA256:Wkmucog9S+hrvUcMXosQrUgpJpfQ5fug3EoluXqBaTc. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added ‘172.16.0.17’ (ECDSA) to the list of known hosts. root@172.16.0.17’s password: Last unsuccessful login: Fri Oct 9 14:10:28 CST 2020 on /dev/pts/4 from 172.16.28.173 Last login: Mon Oct 12 10:06:31 CST 2020 on /dev/pts/2 from 172.16.28.99
  • *
  • *
  • Welcome to AIX Version 7.1! *
  • *
  • *
  • Please see the README file in /usr/lpp/bos for information pertinent to *
  • this release of the AIX Operating System. *
  • *
  • *

root@erpdb1:/#

``` 执行重置命令后,重新输入密码,登录成功