当前位置:   article > 正文

执行ssh-copy-id报错REMOTE HOST IDENTIFICATION HAS CHANGED_/usr/bin/ssh-copy-id: info: source of key(s) to be

/usr/bin/ssh-copy-id: info: source of key(s) to be installed: "/root/.ssh/id


一、问题描述

执行 ssh-copy-id 复制公钥时报错:

[root@localhost .ssh]# ssh-copy-id 192.168.1.20
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
ERROR: Someone could be eavesdropping on you right now (man-in-the-middle attack)!
ERROR: It is also possible that a host key has just been changed.
ERROR: The fingerprint for the ECDSA key sent by the remote host is
ERROR: SHA256:hLIfltlMl6yklXMef6jV7+223344555555556.
ERROR: Please contact your system administrator.
ERROR: Add correct host key in /root/.ssh/known_hosts to get rid of this message.
ERROR: Offending ECDSA key in /root/.ssh/known_hosts:3
ERROR: ECDSA host key for 192.168.1.20 has changed and you have requested strict checking.
ERROR: Host key verification failed.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17

二、解决方法

考虑为密钥不匹配,查看是否存在旧密钥:

ssh-keygen -l -f ~/.ssh/known_hosts
  • 1
[root@localhost .ssh]# ssh-keygen -l -f ~/.ssh/known_hosts
256 SHA256:5SE+2cIdoP/IeYZgWnTa/w55555666777777 192.168.1.20 (ECDSA)
  • 1
  • 2

重新生成密钥:

ssh-keygen -R 192.168.1.20
  • 1
[root@localhost .ssh]# ssh-keygen -R 192.168.1.20
# Host 192.168.1.20 found: line 3
/root/.ssh/known_hosts updated.
Original contents retained as /root/.ssh/known_hosts.old
[root@localhost .ssh]# ssh-copy-id 192.168.1.20
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.1.20 (192.168.1.20)' can't be established.
ECDSA key fingerprint is SHA256:hLIfltlMl6yklXMef6jV7+3RSpcLk6cKakWEwwwww.
ECDSA key fingerprint is MD5:5d:20:23:b5:4e:ca:dc:e1:48:3d:75:11:22:aa:62:c8.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.1.20's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.1.20'"
and check to make sure that only the key(s) you wanted were added.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18

再次执行 ssh-copy-id 成功:

ssh-copy-id 192.168.1.20
  • 1
[root@localhost .ssh]# ssh-copy-id 192.168.1.20
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.1.20 (192.168.1.20)' can't be established.
ECDSA key fingerprint is SHA256:hLIfltlMl6yklXMef6jV7+3RSpcLk6cKakWEwwwww.
ECDSA key fingerprint is MD5:5d:20:23:b5:4e:ca:dc:e1:48:3d:75:11:22:aa:62:c8.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@192.168.1.20's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.1.20'"
and check to make sure that only the key(s) you wanted were added.
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/Cpp五条/article/detail/435362
推荐阅读
相关标签
  

闽ICP备14008679号