Fix “Host key verification failed”
“Host key verification failed” is a common error message that can occur when trying to connect to a remote server via Secure Shell (SSH). This error can be frustrating, but it’s actually a security feature that can be easily resolved. In this blog post, we will first look at how to fix this error, then explain what it means and why it’s important.
Table of Contents
How to Fix “Host Key Verification Failed” Error
The first step in fixing this error is to remove the incorrect host key from your SSH client’s known_hosts file. To do this, run the following command in your terminal:
ssh-keygen -R <hostname>
Replace <hostname>
with the hostname or IP address of the remote server you’re trying to connect to. This will remove the incorrect host key from your known_hosts file.
For example: ssh-keygen -R add-domain-name.com
or using the server IP address: ssh-keygen -R 123.123.12.3
Next, try to connect to the remote server again using the following command:
ssh <username>@<hostname>
Replace <username>
with your username on the remote server, and replace <hostname>
with the hostname or IP address of the remote server.
When you run this command, you should see a warning message similar to the following:
The authenticity of host '<hostname> (<IP address>)' can't be established. RSA key fingerprint is <fingerprint>. Are you sure you want to continue connecting (yes/no)?
Type yes
and press Enter to continue. You should now be connected to the remote server, and the host key for that server should be added to your known_hosts file.
Manually fixing the error
Instead of using the above commands, you can also manually fix this error. This is because the error output itself tells the exact path, filename, and line location of the failed key. So, for example, if the incorrect host key is on line 1 of your known_hosts file, you can manually fix the error by editing the file:
- Open your known_hosts file in a text editor. The file is usually located at
~/.ssh/known_hosts
.
for examplesudo nano ~/.ssh/known_hosts
. - Locate the line # with the incorrect host key. In this case, it should be on line 1.
- Delete the line with the incorrect host key.
- Save the changes to the known_hosts file.
Press Ctrl+O then Ctrl+X using nano. Or for vi or vim, use:wq
. - Lastly, try to connect to the remote server again.
What Does “Host Key Verification Failed” Mean?
The “Host Key Verification Failed” error message occurs when the host key for a remote server does not match the host key stored in your SSH client’s known_hosts file.
When you connect to a remote server for the first time using SSH, the host key for that server is added to your known_hosts file. This host key is used to verify the identity of the remote server whenever you connect to it in the future.
If the host key for the remote server changes, for example, because the server was reinstalled or because its IP address changed, you will get the “Host Key Verification Failed” error message. This error message is a warning that the remote server you’re trying to connect to may not be the server you think it is.
For instance, GitHub recently changed its RSA SSH host key, which is used to secure Git operations for GitHub.com, leading to the “Host Key Verification Failed” error for many users attempting to connect.
Why Is Host Key Verification Important?
Host key verification is important because it helps to prevent man-in-the-middle attacks. A man-in-the-middle attack is a type of security attack where a third party intercepts and modifies the communication between two parties.
In a man-in-the-middle attack, an attacker could intercept the communication between your SSH client and the remote server and replace the host key for the remote server with the host key for a different server that the attacker controls.
If you connect to the remote server without verifying the host key, you may be sending sensitive information to the attacker’s server instead of the real remote server.
By verifying the host key for a remote server, you can ensure that you are communicating with the real remote server and not an attacker’s server. This helps to keep your data and information secure.
Conclusion
In conclusion, the “Host Key Verification Failed” error message is a security feature that helps to protect your data and information. By following the steps outlined above, you can easily resolve the error and maintain the security of your connections to remote servers.
It’s important to understand the significance of host key verification and to always verify the host key whenever you connect to a remote server for the first time or if you receive the “Host Key Verification Failed” error message.