今天通过ssh和域名连接主机:
IcarusdeMacBook-Pro:~ icarus$ ssh root@icarusyu.me
出现了如下错误:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@The ECDSA host key for icarusyu.me has changed,and the key for the corresponding IP address 165.227.52.49is unchanged. This could either mean thatDNS SPOOFING is happening or the IP address for the hostand its host key have changed at the same time.Offending key for IP in /Users/icarus/.ssh/known_hosts:4@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!Someone could be eavesdropping on you right now (man-in-the-middle attack)!It is also possible that a host key has just been changed.The fingerprint for the ECDSA key sent by the remote host isSHA256:dcs240xWGNTvHg1qUkrkg4Pzb1pYzCgzghTHlEG+uZ0.Please contact your system administrator.Add correct host key in /Users/icarus/.ssh/known_hosts to get rid of this message.Offending ECDSA key in /Users/icarus/.ssh/known_hosts:3ECDSA host key for icarusyu.me has changed and you have requested strict checking.Host key verification failed.
提示中出现了关键信息:
Add correct host key in /Users/icarus/.ssh/known_hosts to get rid of this message.Offending ECDSA key in /Users/icarus/.ssh/known_hosts:3
原因是在主机子系统每次成功ssh连接远程操作,都会把你每个你访问过计算机的公钥(public key)都记录在主机的目录/Users/icarus/.ssh/known_hosts下,当下次访问相同子机服务器时,会核对公钥。如果公钥不同,会发出警告,避免你受到DNS Hijack之类的攻击。
解决办法:
进入目录删除文件即可,然后重新连接就能发现连接上了。
IcarusdeMacBook-Pro:~ icarus$ cd ~/.ssh/IcarusdeMacBook-Pro:.ssh icarus$ lsknown_hosts known_hosts.oldIcarusdeMacBook-Pro:.ssh icarus$ rm known_hostsIcarusdeMacBook-Pro:.ssh icarus$ ssh root@icarusyu.meThe authenticity of host 'icarusyu.me (165.227.52.49)' can't be established.ECDSA key fingerprint is SHA256:dcs240xWGNTvHg1qUkrkg4Pzb1pYzCgzghTHlEG+uZ0.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added 'icarusyu.me,165.227.52.49' (ECDSA) to the list of known hosts.root@icarusyu.me's password: Welcome to Ubuntu 16.04.4 LTS (GNU/Linux 4.4.0-116-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage Get cloud support with Ubuntu Advantage Cloud Guest: http://www.ubuntu.com/business/services/cloud