Notice! This document is currently in Archived status.
The content of this document may be incorrect or outdated.

Print this article Edit this article

SSH Host keys

SSH Host Keys to change Thursday January 4 2018

In the meantime, use another algorithm instead: for example, to connect to min.ecn, you would use:
ssh -o HostKeyAlgorithms=ssh-dss  min.ecn.purdue.edu

ECN's servers will have their host keys updated Thursday January 4 2018.

The biggest problem is the ssh client software will see the change of host key as an error, showing a message such as:
 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
 
Because this is a client error, only the users can clear the error and continue. For programs like openssh, this would involve editing the ~/.ssh/known_hosts file. For programs like Putty or SecureCRT, the fix may be more involved.
 
For MacOS and Linux:
 
Open a terminal window on your local machine. 
cd into your .ssh directory
There, you can do one of three things:
ssh-keygen -R hostname   (If your known_host file is in a non-standard location, use [-f known_hosts_file]) 
OR edit/nano/pico known_hosts to remove the lines that pertain to the affected ECN hosts
OR completely remove known_hosts.
 
For Windows:
You are likely to get a prompt indicating that the host key has changed. If that’s the case, you're done. If you are refused the connection, you will have to navigate to one of these two locations and remove the affected host entry file:
Managed PCs: R:\AppData\VanDyke\Config\Known_hosts\
OR Self Managed PCs: C:\Users\<yourusername>\AppData\Roaming\VanDyke\Config\Known_hosts\
 
We will post updated fingerprints here.
 

Last Modified: Jul 16, 2021 7:24 am America/New_York
Created: Dec 6, 2017 8:43 am US/Eastern by admin
JumpURL: