Posts: 5
Joined: Thu Mar 21, 2013 11:15 am

known_hosts and Remote Host Identification

Thu Mar 21, 2013 11:22 am

Hi - I'm afraid I'm only just staring out with Raspberry and linux so please bear with me.

I reinstalled my Raspberry and when I tried to reconnect via ssh I got the message
Offending ECDSA key in /home/mobaxterm/.ssh/known_hosts:1

and I was directed to /home/mobaxterm/.ssh/known_hosts as I was using MobaXterm to access over ssh.

I logged in using the pi account and tried the various fixes such as ssh-keygen -R hostname -f ~/.ssh/known_hosts but I kept running into the problem that I couldn't access /home/mobxterm to find the known_hosts files.

I am assuming this is because by logging in using the pi account I am in a different part of the directory, so I wondered whether anyone could direct me into how to get access to the known_host file.

I'm now using putty and it's logging in fine - presumably as it is using a new key

Any explanation would be much appreciated

User avatar
Posts: 1382
Joined: Sat Sep 15, 2012 10:35 am
Contact: Website

Re: known_hosts and Remote Host Identification

Thu Mar 21, 2013 11:53 am

Off hand it looks like Mobaxterm has cached the RSA key for the Pi and needs to be deleted. On a Windows machine I believe the key is found in C:\Documents and Settings\<your_user>\.ssh\ directory a google search on where the rsa key is cached in Mobaxterm and your OS should point to the directory of your OS. When you connect over ssh the pi sends it's key the remote machine caches the key. Your rebuilt the SD so it created a new key but the IP and MAC didn't change is probably what happened. So the remote see's the same connection but a different key. - always looking for content feel free to ask to have it posted. Or sign up and message me to become a contributor to the site. Raspians is not affiliated with the Raspberry Pi Foundation. (RPi's + You = Raspians)

Posts: 34
Joined: Tue Feb 05, 2013 9:52 am

Re: known_hosts and Remote Host Identification

Thu Mar 21, 2013 12:29 pm

Basically, this is your local computer complaining that the SSH signature of your Raspberry Pi has changed. Which, if you hadn't reinstalled your Pi, would be indicative of a potentially serious security issue (ie. something else masquerading as your Pi, and stealing your password).

There are two solutions: put the signature of your Pi back as it was (probably impossible, if you didn't keep a backup of the relevant files), or remove your Pi's signature from the known_hosts file *on your local machine*. And then, the next time you connect, your local machine will think it's a brand new connection, ask if you trust it, and then cache the *new* signature.

Posts: 5
Joined: Thu Mar 21, 2013 11:15 am

Re: known_hosts and Remote Host Identification

Thu Mar 21, 2013 3:16 pm

Malakai / wimble - thank you very much for you responses. I found the key on the local machine and deleted it and was fine after that. Thanks so much for your quick responses.

Posts: 1
Joined: Fri Dec 13, 2013 6:17 am

Re: known_hosts and Remote Host Identification

Fri Dec 13, 2013 6:33 am

I found mine in:

C:\Documents and Settings\YourAdminUser\My Documents\MobaXterm\home\.ssh\known_hosts

Open the known_hosts file with any text editor and delete accordingly (deleting everything is safer for a novice because the ssh keys will be recaptured and saved on the next login)

Save the changes to known_hosts file

Start a new ssh session and login to your host


Return to “General discussion”