SSH: How to handle missing: /home/USER/.ssh/known_hosts
The warning means the host id has changed (from the old to the new installation). That's good! It works, letting you know it has changed...
Log in as the unprivileged user (not root) and create the hidden directory, /home/jerry/.ssh:
cd; mkdir .ssh; chmod 0700 .ssh
At that point you can add hosts to the known_hosts file (/home/jerry/.ssh/known_hosts).
Or, if you connect as guest, do the same as the user, guest, not jerry.
Note that should you desire the .ssh directory to be created for all new users, then add a the .ssh directory to /etc/skel. The /etc/skel directory contains files and directories that all new users should have.
sudo mkdir /etc/skel/.ssh; sudo chmod 0700 /etc/skel/.ssh
Afterward, every new user you create will have a .ssh directory with the right perms (0700).
Related videos on Youtube
15 : 46
02 : 43
02 : 40
04 : 02
02 : 20
jerrycrabb
Updated on November 23, 2022Comments
-
jerrycrabb over 1 year
I have a old laptop that I'm using to learn Ubuntu Server 12.10. Prior to reformatting and installing Ubuntu Server, Ubuntu Desktop was used.
With Ubuntu Desktop, I was using a no-ip.com hosted domain to access the machine via ssh (no problems). After the reformat, I'm trying to use that same no-ip.com domain to access this same machine (same static ip on home LAN) but now I'm receiving the following error:
WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the ECDSA key sent by the remote host is XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX: (Omitted). Please contact your system administrator. Add correct host key in /home/guest/.ssh/known_hosts to get rid of this message. Offending ECDSA key in /home/guest/.ssh/known_hosts:2 remove with: ssh-keygen -f "/home/guest/.ssh/known_hosts" -R username.no-ip.org ECDSA host key for username.no-ip.org has changed and you have requested strict checking. Host key verification failed.Admittedly, I don't understand much of the error message. After some google searching I opted to run the following command:
$ ssh-keygen -R {username.no-ip.org}Which gives the following error:
ssh-keygen: /home/jerry/.ssh/known_hosts: No such file or directory"Guest" as suggested in the error message, isn't there either:
jerry@mediaserver:/home$ tree -a . └── jerry ├── .bash_history ├── .bash_logout ├── .bashrc ├── .cache │ └── motd.legal-displayed ├── .config │ └── htop │ └── htoprc └── .profileWhich begs the following questions: if this file doesn't even exist, where's the discrepancy noted in the error message? Perhaps I need to create this file?
Thanks to anyone willing to work through this with me!
-Jerry
EDIT:
I should add that I am able to ssh locally using the locally assigned ip address.
-
Admin over 11 yearsDid you runsshas theguestaccount or asjerry? Did you make changes under/etc/ssh? What doesls -lA /home/guestshow? -
Admin over 11 yearsThanks Stephen for that insight. That indeed is the problem (face-palm)
-
-
Admin over 11 yearsThis doesn't explain the
guest/jerrydiscrepancy.