How is the SSH protocol? Why does a normal connection suddenly report an Identification error?

SSH

• SSH is mainly a connection protocol. Why do we need SSH? Once the content transmitted by the traditional protocol is intercepted, it will be completely exposed. The SSH protocol encrypts and verifies network data, establishes a secure tunnel between the SSH client and the SSH server, and provides a secure transmission channel for network services in an insecure network environment.

They have the advantages of simple operation and high transmission efficiency, but they all have the same problem, that is, the security risks caused by plain text data transmission. SSH uses means such as encrypted transmission data and improved authentication strength to overcome the security issues in Telnet and FTP applications and realize secure remote login and file transfer services.

• However, when I use SSH, Remote Host Identification Has Changed error and solution will appear. Since there is a problem, we must solve it. Next, let's see how to solve it.

Scenario

• The service that was originally connected via ssh suddenly became unavailable, which caught me off guard.

• This service is my virtual machine. There were no problems connecting to it before, and I have confirmed that the username is legal. I have not been asked to enter a password, so there is no password error.

Problem location

• The error statement [Remote Host Identification Has Changed error and solution] is shown. The word "identification" means authentication, which means authentication failed. How can authentication fail?
• Then came the days of self-reflection. After reflecting for a long time, a friend reminded me that it might be related to your reinstallation of the system. Combining this problem scenario, it seems to be related. I had reinstalled the system because of the system version upgrade. Now I think that although the IP is still the same IP, the service is no longer the same as before.
• After reading the information, I found that the problem was not caused by reinstalling the system. To be precise, it was not caused directly by reinstalling the system, but because we reinstalled OpenSSH, which caused the service authentication to fail.

ssh storage

• Before we solve this problem, let's start with a little trick. Do you know where the ssh connection information is stored? Have you noticed that when you connect to a service for the first time, you need to enter a yes or no confirmation?

• The first connection requires us to confirm whether to continue the connection. After entering yes, the server's connection information will be appended to the known hosts, and the corresponding location is ~/.ssh/known_host.

• Open the file and take a look, you can find that it is a signature storage for each service, so when we reinstall OpenSSH, the signature here becomes invalid.

Back to the topic

• Knowing that the ssh storage signature location expired and caused the connection to fail, it is easy to solve the problem. We can directly delete the signature corresponding to 192.168.0.253. However, the problem is still a little troublesome. As we can see above, there seem to be multiple signatures for the same IP. Which one should be deleted? In theory, all of them can be deleted. Another problem is that it is also troublesome for us to locate and delete. Fortunately, Linux OpenSSH provides us with commands.

 ssh-keygen -R {ssh.server.ip.address} -f file

• After executing ssh-keygen, it will print the configuration found and related to the specified service. Then it will be updated. When we connect again, we will be asked to confirm it again, and then we can operate normally.