How to Fix Remote Host Identification has changed while SSH

While accessing your remote server from your host machine, you may encounter an error that states: “WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!” with a long message like the attached screenshot.

Remote Host Identification has changed
Remote Host Identification has changed

This error is commonly flagged when your remote host public key does not match with the stored public key in ~/.ssh/known_hosts file on your current local host system and is one of the key reasons for this error when your virtual machine IP address uses the same IP address as another machine.

For example, virtual machine (A) uses the IP address 192.168.1.104, which is connected to your network, and when you connect virtual machine (A) through SSH on your remote PC, it stores a public key in ~/.ssh/known_hosts.

After a few days, you remove the virtual machine (A) and install a new virtual machine (B), and somehow, the IP address of the machine (B) has been assigned the same as the machine (A).

And when you try to log in to the virtual machine (B) through a remote machine, you will get the above error because ~/.ssh/known_hosts holds the public key of virtual machine (A) but not of virtual machine (B), which flagged the error.

Once you know the cause of the issue, let’s fix it by executing the below command, which will remove the public key of the specific host.

Fix: Remote host identification has changed 

There are a couple of ways to fix the above error, like manually removing the public key from the ~/.ssh/known_hosts, or else you can use the ssh-keygen command to purge the old public key. 

Remove the public key using the ssh-keygen command

If you are looking for a simple answer, then you should use this method, which will remove the public key of the specific host, and if you read the error message, it also suggests you execute the ssh-keygen command to fix this issue. 

You can fix the above issue by invoking any one of the commands from the below snippet.

$ ssh-keygen -R [hostname]
$ ssh-keygen -R [ipaddress]
$ ssh-keygen -f “/home/username.ssh/known_hosts” -R “ip-address”

To explain it to you better, let me execute the following command on my terminal screen so you can get a better idea about the command usage.

$ ssh-keygen -R 192.168.1.107
Remove public key using ssh-keygen
Remove public key using ssh-keygen

After that, you can try to re-login, and you will find that your problem is resolved.

Login through SSH
Login through SSH

Manually remove the public key from ~/.ssh/known_hosts

Alternatively, you can manually remove the public key from /.ssh/known_hosts. For that, you need to edit the following file using the vim editor, which will directly take you to the location where the key is located. 

To find the location of the public key on known_hosts, you can use the above error message to find host keys where it’s a lie on ~/.ssh/known_hosts.

In my case, the public key is held on line number 6.

Offending ED25519 key in /home/trendoceans/.ssh/known_hosts:6
$ vim +6  ~/.ssh/known_hosts

Once you open the file, remove the key by pressing the ESC key and invoking the dd command to delete the particular line. After making the changes, please save them and try to log back in.

Login back
Login back

Cheatsheet

CommandDescription
vim +line-number ~/.ssh/known_hostsIt will remove the old public host key from the file ~/.ssh/known_hosts
ssh-keygen -R hostnameIt will remove the old public host key from the file ~/.ssh/known_hosts

Wrap up

That’s all to fix the remote host identification has changed while SSH, and please feel free to relay your comments, suggestions, or corrections.

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments