How to edit ECDSA fingerprint?

Matt Graham danceswithcrows at usa.net
Thu Jul 12 15:51:03 MST 2012


From: joe at actionline.com
> would like to know if it is possible/permissible to edit my
> /home/joe/.ssh/known_hosts in a text editor.

Of course.

> WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
> 
> The fingerprint for the ECDSA key sent by the remote host is
> f7:d3:24:83:f8:fa:50:00:6f:82:2a:eb:3e:6b:25:51.
> Add correct host key in /home/joe/.ssh/known_hosts to get rid of this
> message.
> Offending ECDSA key in /home/joe/.ssh/known_hosts:10

Messages like this often mean that the remote machine's been re-OSed recently,
and the person who did that didn't remember to save the host keys from the old
install.  If you know that the remote machine hasn't been r00ted by Evil
H4xx0rZ,[0] then the thing to do is to edit your known_hosts file, delete line
10 (the offending key), then ssh in to the remote machine again.  ssh will say
"host key fingerprint is unknown!  Accept key {1234} from $HOST?" and if you
allow that, stuff should start working again.

If you think the remote machine's been compromised, you may wish to use a
crew-served mortar on it.  Just to be sure.  :-)

[0] http://crow202.org/2008/haxored_by_pigs2.jpg

-- 
Matt G / Dances With Crows
The Crow202 Blog:  http://crow202.org/wordpress/
There is no Darkness in Eternity/But only Light too dim for us to see



More information about the PLUG-discuss mailing list