主要现象:ssh/scp 失败,host key verification failed.
# scp /home/iso/********.iso root@192.168.1.***:/home/
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
df:33:37:b6:7b:c9:e5:19:65:f7:38:ad:94:b2:9e:36.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:1
ECDSA host key for 192.168.1.*** has changed and you have requested strict checking.
Host key verification failed.
lost connection
从报错信息看是因为目标主机key【比如重做系统或者还原】与已保存的key不同导致认证失败!
key算法为ECDSA,百度可知为椭圆曲线数字签名算法。详情请自查。
解决办法:删除留存的秘钥
# rm -f /root/.ssh/known_hosts
测试一下:
# scp /home/iso/********.iso root@192.168.1.***:/home/
The authenticity of host '192.168.1.*** (192.168.1.***)' can't be established.
ECDSA key fingerprint is df:33:37:b6:7b:c9:e5:19:65:f7:38:ad:94:b2:9e:36.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.***' (ECDSA) to the list of known hosts.
root@192.168.1.***'s password:
********.iso 100% 3239MB 81.0MB/s 00:40
bye