How to Trouble Shoot(REMOTE HOST IDENTIFICATION HAS CHANGED)

How to Trouble Shoot(REMOTE HOST IDENTIFICATION HAS CHANGED)
mohammedrafi@NOC-RAFI:~$ ssh -v root@linuxmadeeasy.in
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to linuxmadeeasy.in [192.169.173.171] port 22.
debug1: Connection established.
debug1: identity file /home/mohammedrafi/.ssh/id_rsa type 1
debug1: identity file /home/mohammedrafi/.ssh/id_rsa-cert type -1
debug1: identity file /home/mohammedrafi/.ssh/id_dsa type -1
debug1: identity file /home/mohammedrafi/.ssh/id_dsa-cert type -1
debug1: identity file /home/mohammedrafi/.ssh/id_ecdsa type -1
debug1: identity file /home/mohammedrafi/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/mohammedrafi/.ssh/id_ed25519 type -1
debug1: identity file /home/mohammedrafi/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA bf:dd:e9:a4:51:01:3f:fd:ac:b2:d9:56:3e:62:ea:d0
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The RSA host key for linuxmadeeasy.in has changed,
and the key for the corresponding IP address 192.169.173.171
is unchanged. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
Offending key for IP in /home/mohammedrafi/.ssh/known_hosts:71
remove with: ssh-keygen -f “/home/mohammedrafi/.ssh/known_hosts” -R 192.169.173.171
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
bf:dd:e9:a4:51:01:3f:fd:ac:b2:d9:56:3e:62:ea:d0.
Please contact your system administrator.
Add correct host key in /home/mohammedrafi/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/mohammedrafi/.ssh/known_hosts:66
remove with: ssh-keygen -f “/home/mohammedrafi/.ssh/known_hosts” -R linuxmadeeasy.in
RSA host key for linuxmadeeasy.in has changed and you have requested strict checking.
Host key verification failed.

————————————————————————————————————–
Note:From the server which your trying to login has a remote server old-key need to remove it.
————————————————————————————————————–
use any editor and go to that line in this example its the path and line number /home/mohammedrafi/.ssh/known_hosts:66 just go to line number 66 and use dd to delete in vi editor.and try login again

mohammedrafi@NOC-RAFI:~$ vim /home/mohammedrafi/.ssh/known_hosts

mohammedrafi@NOC-RAFI:~$ ssh -v root@linuxmadeeasy.in
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to linuxmadeeasy.in [192.169.173.171] port 22.
debug1: Connection established.
debug1: identity file /home/mohammedrafi/.ssh/id_rsa type 1
debug1: identity file /home/mohammedrafi/.ssh/id_rsa-cert type -1
debug1: identity file /home/mohammedrafi/.ssh/id_dsa type -1
debug1: identity file /home/mohammedrafi/.ssh/id_dsa-cert type -1
debug1: identity file /home/mohammedrafi/.ssh/id_ecdsa type -1
debug1: identity file /home/mohammedrafi/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/mohammedrafi/.ssh/id_ed25519 type -1
debug1: identity file /home/mohammedrafi/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA bf:dd:e9:a4:51:01:3f:fd:ac:b2:d9:56:3e:62:ea:d0
The authenticity of host ‘linuxmadeeasy.in (192.169.173.171)’ can’t be established.
RSA key fingerprint is bf:dd:e9:a4:51:01:3f:fd:ac:b2:d9:56:3e:62:ea:d0.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘linuxmadeeasy.in’ (RSA) to the list of known hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available

debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available

debug1: Unspecified GSS failure. Minor code may provide more information
debug1: Unspecified GSS failure. Minor code may provide more information
No Kerberos credentials available

debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/mohammedrafi/.ssh/id_rsa
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: /home/mohammedrafi/.ssh/id_dsa
debug1: Trying private key: /home/mohammedrafi/.ssh/id_ecdsa
debug1: Trying private key: /home/mohammedrafi/.ssh/id_ed25519
debug1: Next authentication method: password
root@linuxmadeeasy.in’s password:
debug1: Authentication succeeded (password).
Authenticated to linuxmadeeasy.in ([192.169.173.171]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_IN
[root@nagios ~]#

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s