I. Description of the problem
When I connect to my server, the return information is as follows
Second, the problem analysis
The information returned is what does this mean?
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
可能是有人做了不好的事
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
有人可能监听你,对你进行了中间人攻击
It is also possible that a host key has just been changed.
也有可能host key刚刚改变了。
The fingerprint for the ECDSA key sent by the remote host is
SHA256:XXXXX
远程主机发送过来的ECDSA key 指纹是xxxxx
Please contact your system administrator.
Add correct host key in /Users/fangzhijie/.ssh/known_hosts to get rid of this message.
添加正确的host key到这个文件中来避免这条信息。
Offending ECDSA key in /Users/fangzhijie/.ssh/known_hosts:8
ECDSA host key for bei1 has changed and you have requested strict checking.
Host key verification failed.
Here's why I put the original Tencent cloud server reinstall the system, is part of the case host key change. So the prompts, the correct host key to the specified file.
Third, the problem is solved
So find known_hosts file, sent by the remote host xxxxx, to replace bei1 the corresponding fingerprint. Reconnect, identify problems solved.
Fourth, the issue to be analyzed
known_hosts this document exactly what is the use? Put inside is what?
You will each ssh public key (public key) you visited are recorded in the computer known_hosts. The next time access to the same computer, OpenSSH will verify the public key. If the key is different, OpenSSH will warn you to avoid being attacked DNS Hijack like.
As can be seen from the above figures, known_hosts format in
Ip或域名 主机名 host-keyIt is quite easy to understand, use known_hosts role is 防止DNS攻击.