Removing ssh host key from known_hosts

 When ssh keys have changed on remote system and we still have former keys in our known_hosts file our system will warn us that probably we under man-in-the-middle attack or dns is spoofed.



 If we sure it normal situation ssh keys have changed we can fix this situation in the following way:

  • remove old key manually

remove line with old key - number of line to be removed are in output just after ":"

Offending key in /home/user/.ssh/known_hosts:2

  •  remove old key via ssh-keygen command

ssh-keygen -R hostname


ssh-keygen -R ip_address


ssh-keygen -R

/home/user/.ssh/known_hosts updated.
Original contents retained as /home/user/.ssh/known_hosts.old

  •  remove via other tools like sed or others


dzbanek 2012-12-21



This site uses cookies. Some of the cookies we use are essential for parts of the site to operate and have already been set. You may delete and block all cookies from this site, but parts of the site will not work.