I have got the well-known warning message when trying to ssh into a server:

```
$ ssh whateverhost
@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
```
Let us review the following 5 basic command-line uses of the ssh client.
- Identify SSH client version
- Login to remote host
- Transfer Files to/from remote host
- Debug SSH client connection
- SSH escape character usage: (Toggle SSH session, SSH session statistics etc.)
1. SSH Client Version:
Sometimes it may be necessary to identify the SSH client that you are currently running and its corresponding version number, which can be identified as shown below. Please note that Linux comes with OpenSSH.
2. Login to remote host:
- The first time you log in to the remotehost from a localhost, it will display the host key not found message and you can give “yes” to continue. The host key of the remote host will be added under the .ssh2/hostkeys directory of your home directory, as shown below.
- The second time you log in to the remote host from the localhost, it will prompt only for the password, as the remote host key is already in the known hosts list of the ssh client.
- If the host key of the remote host has changed since you logged in for the first time, you may get a warning message as shown below. This could be for various reasons, such as 1) the sysadmin upgraded/reinstalled the SSH server on the remote host, or 2) someone is doing malicious activity. The best possible action to take before saying “yes” to the message below is to call your sysadmin, find out why you got the host key changed message, and verify whether it is the correct host key or not.
3. File transfer to/from remote host:
Another common use of ssh client is to copy files from/to remote host using scp.
- Copy file from the remotehost to the localhost:
- Copy file from the localhost to the remotehost:
4. Debug SSH Client:
Sometimes it is necessary to view debug messages to troubleshoot SSH connection issues. For this purpose, pass the -v (lowercase v) option to ssh as shown below.
- Example without debug message:
- Example with debug message:
5. Escape Character: (Toggle SSH session, SSH session statistics etc.)
The escape character ~ gets the SSH client’s attention, and the character following the ~ determines the escape command.
Toggle SSH Session: When you’ve logged on to the remotehost using ssh from the localhost, you may want to come back to the localhost to perform some activity and go back to remote host again. In this case, you don’t need to disconnect the ssh session to the remote host. Instead follow the steps below.
- Login to remotehost from localhost: `localhost$ ssh -l jsmith remotehost`
- Now you are connected to the remotehost: remotehost$
- To come back to the localhost temporarily, type the escape character ~ and Control-Z. When you type ~ you will not see that immediately on the screen until you press <Control-Z> and press enter. So, on the remotehost in a new line enter the following key strokes for the below to work: ~<Control-Z>
- Now you are back to the localhost and the ssh remotehost client session runs as a typical unix background job, which you can check as shown below:
- You can go back to the remote host ssh without entering the password again by bringing the background ssh remotehost session job to foreground on the localhost
SSH Session statistics: To get some useful statistics about the current ssh session, do the following. This works only on SSH2 client.
- Login to remotehost from localhost: `localhost$ ssh -l jsmith remotehost`
- On the remotehost, type the ssh escape character ~ followed by s as shown below. This will display a lot of useful statistics about the current SSH connection.
![Identification Identification](https://cloudbees.zendesk.com/hc/article_attachments/115000216551/agents-host-key-manually-trusted-changed.png-c02fcbd7)
You might recognise the situation when you try to log in to a server via ssh and instead of the console you get the “REMOTE HOST IDENTIFICATION HAS CHANGED” warning.
Let's assume you log in to 123.123.123.123 like this:
Here is an example of what the warning you receive might look like:
What does that mean?
It is “only” a warning, but it prevents you from logging in to the host. It means that the host identification (fingerprint) you accepted when you logged in for the first time does not match the fingerprint on this connection attempt. As the message states, that can be a man-in-the-middle attack, but (as in my case) this also happens when you have re-installed your server. The IP/DNS name is the same, but the fingerprint has changed. If you know this is the reason, you will need to remove the old host key/fingerprint and then accept the new fingerprint on the next login attempt.
Possibility one
On OS X, edit the file ‘/Users/username/.ssh/known_hosts’, go to the line number given in the warning message and delete that line (make sure it is really the right line that you delete).
Possibility two
The easier way is to just run a command which will do the editing for you. It will create a backup of the old known_hosts file as /Users/username/.ssh/known_hosts.old. Of course, if you run it a second time, it will overwrite the first backup. To do this run the following:
Accept the new fingerprint
Try to log in now and you will see the following output asking you to accept the unknown host’s fingerprint:
After you have accepted the new fingerprint, it is stored permanently in the known_hosts file. Unless the fingerprint changes again, ssh will not prompt you about it again.
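Both the tutorial's advice to verify a changed host key before answering “yes” and this post's removal of the old known_hosts entry rest on the same check, shown here as an added example that is not code from either original article: find the stored entry for the host (hashed entries included) and treat a changed key as acceptable only when its SHA256 fingerprint equals one obtained out of band. The keys, the salt, the 10.0.0.5 alias and all function names are constructed for illustration.

```python
import base64, hashlib, hmac, struct

def fingerprint(key_b64):
    """SHA256 fingerprint as OpenSSH prints it: unpadded base64 of the key blob's digest."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_matches(pattern, host):
    """Match one known_hosts host field: plain comma list, or hashed |1|salt|HMAC-SHA1."""
    if pattern.startswith("|1|"):
        salt_b64, mac_b64 = pattern[3:].split("|")
        mac = hmac.new(base64.b64decode(salt_b64), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    return host in pattern.split(",")  # wildcard and !negated patterns are not handled

def stored_keys(known_hosts_text, host):
    """Return [(line_number, key_type, key_b64)] for every entry that names host."""
    found = []
    for number, line in enumerate(known_hosts_text.splitlines(), 1):
        fields = line.split()
        if len(fields) < 3 or line.startswith(("#", "@")):
            continue  # comments, blanks, @cert-authority / @revoked markers
        if host_matches(fields[0], host):
            found.append((number, fields[1], fields[2]))
    return found

def assess(known_hosts_text, host, key_type, key_b64, trusted_fp=None):
    """Classify a presented key; trusted_fp is the fingerprint the sysadmin gave you."""
    entries = [e for e in stored_keys(known_hosts_text, host) if e[1] == key_type]
    if any(e[2] == key_b64 for e in entries):
        return "match"
    verified = trusted_fp is not None and hmac.compare_digest(fingerprint(key_b64), trusted_fp)
    if not entries:
        return "new-verified" if verified else "new-unverified"
    return "changed-verified" if verified else "changed-unverified"

def blob(seed):
    """Constructed ssh-ed25519 public key blob (sample data, not a real host's key)."""
    parts = (b"ssh-ed25519", bytes([seed]) * 32)
    return base64.b64encode(b"".join(struct.pack(">I", len(p)) + p for p in parts)).decode()

# Constructed known_hosts: one plain entry, one hashed entry for 123.123.123.123.
OLD_KEY, NEW_KEY, SALT = blob(1), blob(2), b"constructed-salt-20b"
MAC = hmac.new(SALT, b"123.123.123.123", hashlib.sha1).digest()
HASHED = "|1|%s|%s" % (base64.b64encode(SALT).decode(), base64.b64encode(MAC).decode())
KNOWN_HOSTS = ("# constructed sample\nwhateverhost,10.0.0.5 ssh-ed25519 %s\n"
               "%s ssh-ed25519 %s\n" % (OLD_KEY, HASHED, OLD_KEY))

if __name__ == "__main__":
    print(stored_keys(KNOWN_HOSTS, "123.123.123.123")[0][0],
          assess(KNOWN_HOSTS, "123.123.123.123", "ssh-ed25519", NEW_KEY))
```

Only a "changed-verified" result justifies deleting the reported line and accepting the new key; "changed-unverified" is the case where the tutorial says to call the sysadmin first.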
![Rekey Rekey](https://docstore.mik.ua/orelly/networking_2ndEd/ssh/figs/ssh_0304.gif)
Read more of my posts on my blog at http://blog.tinned-software.net/.