Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Host key verification failed - amazon EC2

I am working with win 7 and git bash as well as an amazon EC2 instance. I tried to log into my instance:

$ ssh -i f:mykey.pem ubuntu@ec2-52-10-**-**.us-west-2.compute.amazonaws.com
 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
 Someone could be eavesdropping on you right now (man-in-the-middle attack)!
 It is also possible that a host key has just been changed.
 The fingerprint for the ECDSA key sent by the remote host is
 71:00:d7:d8:a------------------26.
 Please contact your system administrator.
 Add correct host key in /m/.ssh/known_hosts to get rid of this message.
 Offending ECDSA key in /m/.ssh/known_hosts:27
 ECDSA host key for ec2-52-10-**-**.us-west-2.compute.amazonaws.com has changed and you have request
 ed strict checking.
 Host key verification failed.

Logging in like this has worked fine in the past, but this problem started after I rebooted my EC2 instance. How can I get this working again?

edit:

$ ssh -i f:tproxy.pem ubuntu@ec2-52-10-**-**.us-west-2.compute.amazonaws.com
ssh: connect to host ec2-52-10-**-**.us-west-2.compute.amazonaws.com port 22: Bad file number

enter image description here

tried again:

The authenticity of host 'ec2-52-10-**-**.us-west-2.compute.amazonaws.com (52.10.**-**)' can't be
established.
ECDSA key fingerprint is d6:c4:88:-----------fd:65.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added 'ec2-52-10-**-**.us-west-2.compute.amazonaws.com,52.10.**-**' (ECDSA) t
o the list of known hosts.
Permission denied (publickey).

what should I do now?

like image 691
user1592380 Avatar asked Mar 17 '15 17:03

user1592380


2 Answers

The hostname has a new ssh key, so ssh tells you something has changed. The hint is here:

Offending ECDSA key in /m/.ssh/known_hosts:27

If you're sure the server on the other side is authentic, you should delete line 27 in /m/.ssh/known_hosts.

like image 163
Adam Matan Avatar answered Nov 02 '22 12:11

Adam Matan


In BeanStalk environment, the issue is that it refers to the key from known_hosts for the respective IP. But it has changed. So using the same key would not work.

Removing the key for the IP from ~/.ssh/known_hosts and then connecting by ssh would work.

(Basically, when the entry is not there in ~/.ssh/known_hosts it will create a new one, and thus resolve the conflict)

like image 42
SuperNova Avatar answered Nov 02 '22 12:11

SuperNova