How to remove strict RSA key checking in SSH and what's the problem here?

ssh security rsa man-in-the-middle hostkey

Please don't delete the entire known_hosts file as recommended by some people, this totally voids the point of the warning. It's a security feature to warn you that a man in the middle attack may have happened.

I suggest you identify why it thinks something has changed, most likely an SSH upgrade altered the encryption keys due to a possible security hole. You can then purge that specific line from your known_hosts file:

sed -i 377d ~/.ssh/known_hosts

This deletes line 377 as shown after the colon in the warning:

/home/emerson/.ssh/known_hosts:377

Alternatively you can remove the relevant key by doing the following

ssh-keygen -R 127.0.0.1 (obviously replace with the server's IP)

Please DO NOT purge the entire file and ensure this is actually the machine you want to be connecting to prior to purging the specific key.


I think though some of the answers here address the recommended course of action in the OP's question, it does not fully answer the question.

The question states "How to remove strict RSA key checking in SSH and what's the problem here?"

The problem here is, as advised by some others, a change in the host probably due to reinstallation of the server (most common scenario). And the recommended solution is indeed to remove the offending key from the .ssh/authorized_keys file with an inline sed.

However I didnt see any answers address the specific part of the question "How to remove strict RSA key checking in SSH".

You can remove StrictHostKey checking in your ssh configuration file, typically stored at ~/.ssh/config.

An example Host block is provided below:

Host 101
  HostName yourip|hostname
  User youruserid
  IdentityFile /path/to/keyfile
  Port 22
  StrictHostKeyChecking no

The specifically added line is the last one StrictHostKeyChecking no which does just what that. Depending on your specific scenario, this may be useful to you, such as running multiple virtualized containers on a dedicated server, on just a few ips, stopping and starting another instance on the same ip.

Related

How to install libpq-dev on Centos 5.5
How do you wait for an exe to complete in batch file?
How to monitor a windows log file in real time? [closed]
How do I check the postfix queue size?
Why can't I cd to a directory with docker run?
How do I connect to ssh with a different public key?
How to diagnose a 500 Internal Server Error on IIS 7.5 when nothing is written to the event log?
64-bit TortoiseSVN on Windows 7 says "file or directory is corrupted and unreadable" then runs chkdsk [closed]
What is the difference between a soft (symbolic) link and a hard link?
What Should be the Permissions of Apache SSL Directory, Certificate, and Key?
What's the difference between 'useradd' and 'adduser'?
How to change sshd port on Mac OS X?