主要現象:ssh/scp 失敗,host key verification failed.
# scp /home/iso/********.iso root@192.168.1.***:/home/ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the ECDSA key sent by the remote host is df:33:37:b6:7b:c9:e5:19:65:f7:38:ad:94:b2:9e:36. Please contact your system administrator. Add correct host key in /root/.ssh/known_hosts to get rid of this message. Offending ECDSA key in /root/.ssh/known_hosts:1 ECDSA host key for 192.168.1.*** has changed and you have requested strict checking. Host key verification failed. lost connection
從報錯信息看是因為目標主機key【比如重做系統或者還原】與已保存的key不同導致認證失敗!
key算法為ECDSA,百度可知為橢圓曲線數字簽名算法。詳情請自查。
解決辦法:刪除留存的秘鑰
# rm -f /root/.ssh/known_hosts
測試一下:
# scp /home/iso/********.iso root@192.168.1.***:/home/ The authenticity of host '192.168.1.*** (192.168.1.***)' can't be established. ECDSA key fingerprint is df:33:37:b6:7b:c9:e5:19:65:f7:38:ad:94:b2:9e:36. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.1.***' (ECDSA) to the list of known hosts. root@192.168.1.***'s password: ********.iso 100% 3239MB 81.0MB/s 00:40
bye