Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
18454
Views
10
Helpful
2
Replies

Host key verification failed

jnommensen
Level 1
Level 1

‎09-02-2009 02:53 PM

When I SSH to a Cisco IPS from my MARS I get the following message -

ssh x.x.x.x

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!

Someone could be eavesdropping on you right now (man-in-the-middle attack)!

It is also possible that the DSA host key has just been changed.

The fingerprint for the DSA key sent by the remote host is (intentionally removed).

Please contact your system administrator.

Add correct host key in /opt/janus/release/bin/.ssh/known_hosts to get rid of this message.

Offending key in /opt/janus/release/bin/.ssh/known_hosts:1

DSA host key for x.x.x.x has changed and you have requested strict checking.

Host key verification failed."

I *really* need to get this IPS reporting to the MARS as soon as possible and this is preventing it. How do I add the correct host key in the known hosts file on the MARS? BTW, it says I have requested strict checking but if they are referring to the ssl/ssh settings they are set to automatically always accept. Also, I do not have access to the IPS to generate another key (if this would even help). I have opened a TAC case but we all know how long they can take to make contact.

Any help is GREATLY appreciated!

Cheers,

Jeremy

4 people had this problem
Labels:
2 Replies 2

msalah
Level 1
Level 1

‎06-26-2013 03:32 AM

This seems to have been ignored by all parties it seems, not sure if you (jeremy) resolved this issue and forgot you put it up. I recently had this issue and didnt have clue what was causing it...

So here we go:

The out put was generated by my local linux (server).  Exactly the same as above..

Step 1

I first made sure i configured ssh correctly (waste of time but good refresher for me)... http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml

Step 2

Clear the known hosts file

The error message had the answes...just did not know where to look...

"The fingerprint for the DSA key sent by the remote host is (intentionally removed)." - someone generated a new rsa key in my case..

"Offending key in /opt/janus/release/bin/.ssh/known_hosts:1" local key doesnt match so i had to clear it...

ssh-keygen -R hostname/ipaddress

Step 3

Try reconnect again ---

The authenticity of host 'switch1 (192.168.1.101)' can't be established.

RSA key fingerprint is zzzzzzzzzzzzzzzzzzzzzzzzzzzzzxxxxxxxxx.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'switch1,192.168.1.101' (RSA) to the list of known hosts.


I hope this helps anyone having this issue..

T0mTheCat
Level 1
Level 1

‎10-21-2020 07:13 PM

Hi,

 

I delete my .ssh folder file in my directory works for me.

C:\Users\myusername\.ssh

 

Thank you! =D

0 Helpful
Customers Also Viewed These Support Documents