SSH known_hosts Cheat Sheet

Secure Shell or SSH is a network protocol that allows data to be exchanged using a secure channel between two computers. SSH uses public-key cryptography to authenticate the remote computer and allow the remote computer to authenticate the user.

In order to use public-key secure connection with other Linux hosts (ssh, scp, sftp) there is a special directory, ~/.ssh/, where passphrases and public keys are stored. Normally you wouldn’t need to know the gory details, but from time to time a host will change its public key and then you have difficulty using ssh, sftp or scp with that host, and have to edit a file named known_hosts.

If you try to ssh to another computer, but get an error message that warns about a changed or incorrect public key, then it is probably just a case of that host changing its public key. (It is possible, though usually not the case, that malicious hacking is involved.) Unless you actually suspect hacker involvement, you can edit the file ~/.ssh/known_hosts using your usual text editor (vi, emacs, or pico) and delete any line with the name or IP address of that host. Then when you try to ssh that host again, it will be like the first time ever; ssh will ask you if you want to accept a new public key, you type the whole word yes, and everything will proceed normally from there.

Said for an example, I have a Linux cluster running on 2 machines(active/passive mode) and usually users are connect using a virtual hostname or virtual IP address. Whenever Linux cluster or heartbeat switches over to the second machine and you try to ssh to it, ssh will reply with a WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! Annoying right?

So?

How to ignore SSH known_hosts in these case?
How to make SSH known_hosts work for cluster environments?

SSH known_hosts cheat sheet

Imagine you have the 2 cluster machines node1 and node2 with virtual hostname running as below:

node1 – IP address: 192.168.1.1
node2 – IP address: 192.168.1.2

Read more

Possibly Related Posts:

• How to add Dell PERC Drivers into VMware Converter Cold Clone ISO
• Top 10 Free Anti Virus
• How to Install Webmin on OpenFiler
• Microsoft SQL 2008 Agent not starts
• VMware Workstation 7 Serial Key

Planet Malaysia on Facebook

• Recent Posts

  • Android Development Training Program for Beginner (FREE)
  • MSC Malaysia Fully Sponsored 3D Animation Course
  • How to add Dell PERC Drivers into VMware Converter Cold Clone ISO
  • Top 10 Free Anti Virus
  • How to Install Webmin on OpenFiler
  • Samsung Galaxy Tab 2
  • Google Tablet ‘iPad’
  • Most Expensive Domain Names – Updated
  • Microsoft SQL 2008 Agent not starts
  • VMware Workstation 7 Serial Key

• Recent Comments

  • vivek on How to download NDS game into R4 Revolution?
  • jackson on Windows can’t stop your ‘Generic volume’ device because a program is still using it
  • Charles on Apple MAC in Malaysia
  • Dereck on Moles
  • alan on Apple MAC in Malaysia

• Archives

  Select Month December 2011 August 2011 July 2011 June 2011 April 2011 January 2011 December 2010 October 2010 September 2010 August 2010 July 2010 June 2010 May 2010 December 2009 November 2009 October 2009 September 2009 August 2009 July 2009 June 2009 May 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 December 2007 November 2007 October 2007 September 2007 August 2007 July 2007 June 2007 May 2007 April 2007 March 2007 February 2007 January 2007 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006

• Categories

  • Advertisement
  • Aggregates
  • amulets
  • Announcement
  • Blog
  • Blogroll
  • Contacts
  • Events
  • How's To
  • ISP
  • Make Money
  • Microsoft
  • News
  • Open Source
  • Personal
  • Politics
  • Poll
  • Religion
  • SEO
  • Soccer
  • Tips
  • Training
  • Uncategorized
  • VMware
  • Web 2.0
  • Windows