How to fix SSH Host key verification failed, warning: remote host identification has changed in Ubuntu 18.04

The last month, i decided to upgrade the server where Our Code World is currently hosted for a genuinely better server. As i always do, i adquired the new server and started configuring it in order to migrate the old server data. After a while, i went to the administration panel of the server in their website to remove the old root key file and i noticed that the datacenter where the server was located wasn't in america, but in France. The chosen datacenter was wrong, so i requested a new server in america. After the deployment, i installed the new operative system, but i installed the wrong version of Ubuntu (16 instead of 18.04), so i wiped once again the server🤣. After checking finally that everything that i installed the right version of Ubuntu, i tried to access the server via SSH, for my surprise once again, i ended up with another error:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:5
RSA host key for [192.xxx.xx.xx]:22 has changed and you have requested strict checking.
Host key verification failed.

The issue is caused because you are connecting to a server where you previously were connected to, but whose RSA host changed since the last time you connected to it (i connected to the first version of the server with Ubuntu 16.04 and then tried to connected to the same server with Ubuntu 18.04 and the exception showed up). In order to prevent any security breach, you will need to remove this key from the known_hosts file of your local machine in order to connect properly.

A. Manually remove offending key

Well, deleting the known_hosts file is a valid solution as long as you don't care about having to confirm everytime that you connect to some server that the fingerprint is valid, so don't delete the known_hosts file. The easiest solution is to simply remove the line with the problem on the file, in our case the exception message warned us that the offending key is in the line #5:

Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:5

So you would only need either to remove the line, using a single command like this (replace 5 with the number of your line):

sed -i '5d' ~/.ssh/known_hosts

And that's it. Alternatively, modify the known_hosts file using a terminal editor like nano or vim and remove the line by yourself.

B. Using ssh-agent

Alternatively, you can use the ssh-keygen tool to simply remove the offending key if you know the hostname/ip:

ssh-keygen -R <SERVER_IP_OR_HOSTNAME> -f ~/.ssh/known_hosts

This should work as well to remove the warning from appearing in the terminal.

Happy coding ❤️!

This could interest you

Become a more social person