Warning message when you try to connect to a server using SSH
You may receive a warning message about a remote host's key when you try to connect using SSH. Visit this article to learn how to resolve this issue.
This article describes a problem that may occur when you try to connect to a server using SSH, and how to resolve it.
Problem
When you try to connect to a server using SSH, you receive a warning message.
- If your computer is running macOS or Linux, the message is:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
- If you are using PuTTY on Microsoft Windows, the message is:
WARNING - POTENTIAL SECURITY BREACH!
The server's host key does not match the one PuTTY has cached in the registry.
This means that either the server administrator has changed the host key,
or you have actually connected to another computer pretending to be the server.
Cause
The most likely cause of this problem is that the RSA fingerprint has changed on the remote server, but the client computer still has the previous RSA fingerprint stored. This often occurs after you install a new operating system template on a server.
Important
If you have not made any recent changes to the server, it is possible that a malicious actor is pretending to be the server (this is also known as a "man-in-the-middle" attack). If you suspect this may be the case, you can open a support ticket on the Hosting Panel at https://my.hosting.com and we will investigate the issue further.
Resolution
To resolve this problem, follow the appropriate procedure for your client computer's operating system.
macOS and Linux
To resolve this problem on client computers running macOS or Linux, follow these steps:
-
Locate the following line of text in the warning message. Your values of path and x will be different:
Offending RSA key in /path/.ssh/known_hosts:x
-
Use your preferred text editor to open the /path/.ssh/known_hosts file.
-
Delete the entire line of text indicated by number x.
-
Save your changes to the file and exit the text editor.
-
You should now be able to connect to the server using SSH.
Microsoft Windows
When PuTTY displays the warning message, you have three options:
-
If you recently changed the server configuration or reinstalled the operating system, click Yes to update PuTTY's cache with the server's new RSA fingerprint. The warning message will not appear the next time you connect to the server.
-
If you are unsure about the server configuration, you can click No to continue connecting without updating PuTTY's cache. The warning message will appear the next time you connect to the server.
-
If you are sure that the server configuration has not changed, and suspect that a malicious actor may be tampering with the connection, click Cancel. Open a support ticket on the Hosting Panel at https://my.hosting.com and we will investigate the issue further.
Related articles
Updated 4 months ago