Valeri Galtsev wrote: > > On Thu, April 28, 2016 8:56 am, mdubendris at gmail.com wrote: >> The problem is not with your installation of CentOS, it is with the >> computer you are connecting from. Read the error log you pasted earlier, >> it tells you exactly what the problem is and how to remedy it: >>> >>> Add correct host key in /Users/andy/.ssh/known_hosts to get rid of this >>> message. Offending ECDSA key in /Users/andy/.ssh/known_hosts:22 >> >> Open up the file /Users/andy/.ssh/known_hosts and delete line 22. <snip> > Usually host key (of remote machine) could change for the following > reasons: > > 1. benign reasons: remote machine system was reinstalled and/or ssh server > keys were re-generated, or some machine was retired and different machine > re-used its IP, or for some other reason, like changes in DNS, you are > connecting to _different_ system that has same IP as the one you were > connecting to in the past > > In this case it is indeed safe to delete old known keys resembling this > host (there may be more that one), then ssh to it and accept new key > > 2. Bad reasons: remote machine is hijacked and host keys have changed. Or, > as ssh error message says, it may be "man in the middle" attack. If some > intermediate malicious machine is able to intercept your traffic, it can <snip> Just as a side note, here: when we rebuild a machine - say, when we were doing CentOS 5 to 6, or when we build a new machine for someone, 6->7, we *remove /etc/ssh/ssh_host*, and rsync in the *old* /etc/ssh/ssh_host* from backup. Not doing this does have a tendency to freak out the users.... mark