Valeri Galtsev wrote:
On Thu, April 28, 2016 8:56 am, mdubendris@gmail.com wrote:
The problem is not with your installation of CentOS, it is with the computer you are connecting from. Read the error log you pasted earlier, it tells you exactly what the problem is and how to remedy it:
Add correct host key in /Users/andy/.ssh/known_hosts to get rid of this message. Offending ECDSA key in /Users/andy/.ssh/known_hosts:22
Open up the file /Users/andy/.ssh/known_hosts and delete line 22.
<snip>
Usually host key (of remote machine) could change for the following reasons:
- benign reasons: remote machine system was reinstalled and/or ssh server
keys were re-generated, or some machine was retired and different machine re-used its IP, or for some other reason, like changes in DNS, you are connecting to _different_ system that has same IP as the one you were connecting to in the past
In this case it is indeed safe to delete old known keys resembling this host (there may be more that one), then ssh to it and accept new key
- Bad reasons: remote machine is hijacked and host keys have changed. Or,
as ssh error message says, it may be "man in the middle" attack. If some intermediate malicious machine is able to intercept your traffic, it can
<snip> Just as a side note, here: when we rebuild a machine - say, when we were doing CentOS 5 to 6, or when we build a new machine for someone, 6->7, we *remove /etc/ssh/ssh_host*, and rsync in the *old* /etc/ssh/ssh_host* from backup.
Not doing this does have a tendency to freak out the users....
mark