SSH "Host key verification failed"

ssh server

I am supposed to put up a file on a server from my own computer with ssh as a school assignment.

It has been a slow process but now I'm stuck. I have googled but not found anything that has helped. As I am a total beginner at this it is probably some stupid fault of mine, so please help me out (easy instructions, expect me to do it wrong ;) ) . Below is the terminal text from where I am stuck, I have tried both logged in on my computer and logged in on the server.

logged in on the server:

teddy@rymd-srv:~$ ssh-keygen -R [email protected]
/home/teddy/.ssh/known_hosts updated.
Original contents retained as /home/teddy/.ssh/known_hosts.old
teddy@rymd-srv:~$ scp -r [email protected]:/home/teddy/Pictures/filetransfer.jpeg 
[email protected]:/home/teddy
[email protected]'s password:
Host key verification failed.
lost connection

logged in on my own computer:

teddy@TeddysDator:~$ ssh-keygen -R [email protected] 
/home/teddy/.ssh/known_hosts updated.
Original contents retained as /home/teddy/.ssh/known_hosts.old
teddy@TeddysDator:~$ scp -r [email protected]:/home/teddy/Pictures/filetransfer.jpeg 
[email protected]:/home/teddy
The authenticity of host '85.226.40.57 (85.226.40.57)' can't be established.
ECDSA key fingerprint is ef:9c:4c:41:3c:9d:b1:40:05:67:30:34:e8:d3:ab:c6.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '85.226.40.57' (ECDSA) to the list of known hosts.
[email protected]'s password:
Host key verification failed.
lost connection

This is likely a problem with how older versions of SSH handle host verification when ECDSA is used by default.

If you trust that the server and network have not been compromised, just add the host's RSA key to your known_hosts file:

ssh-keyscan ssh-server.example.com | tee -a ~/.ssh/known_hosts

This usually indicates that the host's key in your known_hosts file and that handed to you by the server don't match.

This can mean two things: that the server's key did indeed change (if they reinstalled it, for instance), or that there is indeed a "person in the middle" attack going on.

The best way to make sure is to contact the server's administrator and tell them about the error message, asking them if they know about this change of key. If they know nothing, you may want to be cautious about connecting to the server.

Usually what you do here is:

ssh-keygen -R server.name

to remove the old entry. I notice you're already doing this, so I'm not too sure what's happening here. However the fact that you're doing this suggests that you've been told to do it, which may also indicate that the server's key does indeed change on a periodic basis.

One thing to try is disable host key checking altogether (not recommended, but if you're doing the connection from the server to itself I guess it should be relatively safe):

ssh -o 'StrictHostKeyChecking=no' ssh-server.example.com

Note, if this works, please DON'T make this the default, as it is quite unsafe; instead, let the server's administrator know about this, because this could be a problem with the server and its key information.

Read here for some good information on ssh host key checking:

http://www.symantec.com/connect/articles/ssh-host-key-protection

Related

Delete a calendar from Evolution
GNOME Builder fails to install
Which US international keyboard layout gives me all umlauts and sharp S?
Which package to install to get header file glad.h?
Wired network connection keeps disconnecting
How can I install two versions of .NET for Rider?
Ubuntu 20.04 Full Screen Mode Resolution in Hyper-V is very small
Ubuntu driver for WiFi for Asus 550L
Trouble installing Lubuntu/Ubuntu on old laptop with Windows 10
Python sockets: TCP errors in linux, while same program works fine on Windows10
Why are there always at least two authoritative name servers for a registered domain?
How can I get the list of app pool using appcmd.exe