问题描述:
在日常的运维中需要做ssh的免密登陆有提示如下的报错内容:
[root@paas-harbor01 cce-v5.2.3]# ssh-copy-id 192.45.66.14
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed/usr/bin/ssh-copy-id: ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
ERROR: Someone could be eavesdropping on you right now (man-in-the-middle attack)!
ERROR: It is also possible that a host key has just been changed.
ERROR: The fingerprint for the ECDSA key sent by the remote host is
ERROR: SHA256:4l9S3zapjMZ8LGiqzbLRUt7z0XFVrNxUw50/Aa+zm48.
ERROR: Please contact your system administrator.
ERROR: Add correct host key in /root/.ssh/known_hosts to get rid of this message.
ERROR: Offending ECDSA key in /root/.ssh/known_hosts:14
ERROR: ECDSA host key for 192.45.66.14 has changed and you have requested strict checking.
ERROR: Host key verification failed.
根据报错的内容及运维经验:原因是因为之前有做过ssh免密登陆了,也就是/root/.ssh/known_hosts文件已经存在了该地址记录了,经过确认,该主机是有重新安装过系统的。导致了之前的数据丢失了。
解决方案:
既然知道原因就好办了,只需要将/root/.ssh/known_hosts文件中的192.45.66.14的记录删除掉就可以了。
vim /root/.ssh/known_hosts
删除掉192.45.66.14开头所在行的数据。
然后重新ssh-copy-id 192.45.66.14命令就可以了。