問題: 通過SSH連接某臺服務器的時候出現錯誤
[root@tw]# ssh xxx.xxx.xxx.xxx
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
25:d7:4d:2f:2d:87:9d:5a:fe:d2:c3:d9:a4:e7:4c:9e.
Please contact your system administrator.
Add correct host key in /home/XXX/.ssh/known_hosts to get rid of this message.
Offending key in /home/sjcool/.ssh/known_hosts:3
RSA host key for [218.XXX.XXX.XXX]:22 has changed and you have requested strict checking.
解決方法: vi /root/.ssh/known_hosts 刪除掉那個IP對應的公鑰,保存退出再連接就可以了
解釋
用OpenSSH的人都知ssh會把你每個你訪問過計算機的公鑰(public key)都記錄在~/.ssh/known_hosts。當下次訪問相同計算機時,OpenSSH會覈對公鑰。如果公鑰不同,OpenSSH會發出警告,避免你受到DNS Hijack之類的攻擊。因此我們現在只需要刪除knows_hosts文件中所對應的IP節點的公鑰,然後再ssh IP地址就可以了。