Is it possible to remove a particular host key from SSH's known_hosts file?
Use this command to remove entries from known_hosts:
ssh-keygen -R hostname
Yes, you can remove just one key. Just open it in an editor and delete the offending line. The number after the colon in the error message is the line number, so that's the line to delete -- line 1 in your example..
I have only recently started using host key's, but when I have messed with them it is generally one key per line so backup the file and remove them one at a time until you find the right one. Then add the others back. Bit of a long way to do it, but should work.
Also based on that error, and with no idea what so ever, it could be the first host key in the file that is the problem so open up the file with vim
vim ~/.ssh/known_hosts
and hit
dd
then save it.
Using ssh-keygen -R hostname will not always work. If you have a newer version of SSH that is "hiding" the hostnames to prevent ssh-agent hijacking, apparently ssh-keygen is unable to unhash the hostname.
For example, I have a host called build-node-01 and I have connected to it and accepted the key. I then rebuild it from scratch, getting a new host fingerprint and I try to reconnect, I will get a warning that there is a conflict on line X (say 3). I run ssh-keygen -R hostname
, but the next time I try to connect I still get a warning that there is a conflict. I examined the file only to discover that the hostname was hashed and showed up as [1] Bu4Ch@R@4D0M57uFF
instead of a readable hostname.
In this case the only way to successfully get the offending host removed was to use
sed -i 'xd' ~/.ssh/known_hosts
To take this sed one step further, you may wish to make a backup of the known_hosts in case you delete the wrong line, in this case just add a .bak (or any extension) to the -i option to create a backup with that extension. Using ssh-keygen does this automatically.
sed -i.bak 'xd' ~/.ssh/known_hosts