Page 1 of 1

Not able to ssh without password even after adding ssh-key

Posted: Tue Dec 11, 2018 3:03 pm
by suneet0811
[email protected]:~ $ ssh [email protected]
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
0f:19:ce:2f:f9:a6:4d:0b:94:12:bd:3c:64:61:bc:c2.
Please contact your system administrator.
Add correct host key in /home/pi/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/pi/.ssh/known_hosts:2
remove with: ssh-keygen -f "/home/pi/.ssh/known_hosts" -R solariss.penv.com
ECDSA host key for solaredge.mpenv.com has changed and you have requested strict checking.
Host key verification failed.












Can anyone help me out.


Thanks in advance

Re: Not able to ssh without password even after adding ssh-key

Posted: Tue Dec 11, 2018 3:10 pm
by n67
Did you try:

Code: Select all

ssh-keygen -f "/home/pi/.ssh/known_hosts" -R solariss.penv.com
as suggested?

Re: Not able to ssh without password even after adding ssh-key

Posted: Tue Dec 11, 2018 6:42 pm
by richrarobi
https://www.ssh.com/ssh/keygen/

About a third of the way down the above page....
Did you remember to copy the generated key into the other system?

Re: Not able to ssh without password even after adding ssh-key

Posted: Tue Dec 11, 2018 8:16 pm
by fbe
The server's (solariss.penv.com) key is refused by the client ([email protected]) here, because the server is already known with a different key. If you are sure, that the server's key actually has changed, you can remove the invalid former key from your client's "known_hosts" file as suggested in the error message. You are asked to accept the unknown new key when you login next time.

The authentication of the client by the server comes later.

Re: Not able to ssh without password even after adding ssh-key

Posted: Tue Dec 11, 2018 8:19 pm
by Roken
Try (and I'm going to assume you have vim, but you can substitute nano):

Code: Select all

vim .ssh/known_hosts
Delete the entry for the failing ssh session. Save, and retry.

Re: Not able to ssh without password even after adding ssh-key

Posted: Tue Dec 11, 2018 8:32 pm
by n67
Roken wrote:
Tue Dec 11, 2018 8:19 pm
Try (and I'm going to assume you have vim, but you can substitute nano):

Code: Select all

vim .ssh/known_hosts
Delete the entry for the failing ssh session. Save, and retry.
A good idea in theory, but it doesn't work very often in practice because the hostnames are hashed. So, it is hard to tell which line to delete. That's why ssh tells you which line to delete.

Of course, the easiest thing is just to remove the file. If there's only one machine you're trying to connect to, then problem solved. If there are (were) others, then it is no big deal. You will just get prompted the next time you try to login to each of those other machines.

Actually, I think this whole host key checking thing is a bunch of nonsense. Not that it isn't well meaning, and I do understand the idea behind it (of course), but the fact is that most users are just taught to always type 'yes' when prompted - which is pretty much all they can do - and which, of course, defeats whatever purpose the thing may have had.

Re: Not able to ssh without password even after adding ssh-key

Posted: Wed Dec 12, 2018 6:00 am
by Roken
n67 wrote:
Tue Dec 11, 2018 8:32 pm
Roken wrote:
Tue Dec 11, 2018 8:19 pm
Try (and I'm going to assume you have vim, but you can substitute nano):

Code: Select all

vim .ssh/known_hosts
Delete the entry for the failing ssh session. Save, and retry.
A good idea in theory, but it doesn't work very often in practice because the hostnames are hashed. So, it is hard to tell which line to delete. That's why ssh tells you which line to delete.
The hostnames are, but the IPs are perfectly visible, so it's easy enough to identify the miscreant entry.

Re: Not able to ssh without password even after adding ssh-key

Posted: Wed Dec 12, 2018 11:32 am
by n67
The hostnames are, but the IPs are perfectly visible, so it's easy enough to identify the miscreant entry.
I guess it can vary.

There are no visible IP addresses - no recognizable strings of digits - in my known_hosts files.

Re: Not able to ssh without password even after adding ssh-key

Posted: Wed Dec 12, 2018 11:44 am
by epoch1970
suneet0811 wrote:
Tue Dec 11, 2018 3:03 pm
Offending ECDSA key in /home/pi/.ssh/known_hosts:2
remove with: ssh-keygen -f "/home/pi/.ssh/known_hosts" -R solariss.penv.com
If the message is a false alarm:
- execute the command shown in the message: ssh-keygen -f "/home/pi/.ssh/known_hosts" -R solariss.penv.com
or
- remove line 2 in /home/pi/.ssh/known_hosts