通过 SSH 连接 群晖 时出现类似如下报错且无法正确建立连接:
WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! Host key verification failed问题现象:
lsj@Mac-Pro ~ % ssh 192.168.10.251 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the ED25519 key sent by the remote host is SHA256:QnnL5H5ErnkpQbtDXFN3n8Z4GFBNgMKZevhJU1Oa5cs. Please contact your system administrator. Add correct host key in /Users/lsj/.ssh/known_hosts to get rid of this message. Offending ECDSA key in /Users/lsj/.ssh/known_hosts:4 Host key for 192.168.10.251 has changed and you have requested strict checking. Host key verification failed.问题原因:
服务器的公钥(public key)发生了变化(比如重装了系统或重装了openssh服务),而客户端存储的信息没有发生变化
使用 OpenSSH 连接服务器会把你每个你访问过计算机的公钥(public key)都记录在 ~/.ssh/known_hosts 文件中。当下次访问相同计算机时,OpenSSH会核对公钥。如果公钥不同,OpenSSH会发出警告,避免你受到DNS Hijack之类的攻击。
解决方案:
ssh-keygen -f "/User/lsj/.ssh/known_hosts" -R 192.168.10.251
近期评论