Force ssh to use only password issue

Question

I have a problem with ssh connection to my remote server. I've just reinstalled remote server recently.

user:~/workspace/cheops-master/frontend $ ssh -o PreferredAuthentications=password root@##.###.##.###
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
##:##:##:##:##:##:##:##:##:##:##:##:##:db:20:1a.
Please contact your system administrator.
Add correct host key in /home/ubuntu/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/ubuntu/.ssh/known_hosts:17
  remove with: ssh-keygen -f "/home/ubuntu/.ssh/known_hosts" -R ##.###.##.###
ECDSA host key for ##.###.##.### has changed and you have requested strict checking.
Host key verification failed.

This approach doesn't work and it really drives my nuts.

How to connect via ssh with just a password? How to reset any configs for previous server?

P.S. If configs somehow were saved from previous server, I have no idea how it happened because there was no key for previous server and no special configs, just password was used, and yes, there is no need to use the key in my case.

Any advice will be appreciated, thanks!

can you post your ssh config file? is the SSH running on the server? what is the exact issue you're experiencing? what is the error? — Bart, Jun 28 '19 at 11:34
Please, don't post images of text. Edit your question, copy the text here and apply code formatting. — andcoz, Jun 28 '19 at 12:30
Force ssh to not print “Remote host identification has changed” warning — andcoz, Jun 28 '19 at 12:34
Why aren't you doing what it's telling you to do -- remove the offending key with ssh-keygen -R. ssh will check the host's key no matter whether you authenticate with a password or with a public key. Disabling host checking permanently as in the linked answers is not a good idea -- you can always have an alias ssh0='ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no or alias ssh1='ssh -o CheckHostIP=no if you really need to. — , Jun 28 '19 at 15:16

score 0 · Answer 1 · edited Jun 29 '19 at 21:03

0

Issue was due to /home/ubuntu/.ssh/known_hostsfile which is updated automatically and every new ssh connection/ip-address was saved there with rsa key for some reason despite that fact that I used only password for ssh connection, so that this rule was blocking connection with fresh reinstalled remote server with the same ip-address.

I cleared the necessary addresses and this problem is gone. Hope this will help someone.

edited Jun 29 '19 at 21:03

Jeff Schaller

67,283
35
116
255

answered Jun 28 '19 at 12:31

mr.incredible

123

2

The rsa hash saved in known_hosts is the host key of the remote server (this is mentioned in the warning message), and has nothing to do with whether you used a key or password to connect. Also, the warning message that was given contains clear instructions for how to remove the erroneous (old) host key from this file. – Kusalananda Jun 28 '19 at 13:07
well, the question was not posted clearly and you had the solution right in front of your eyes. judging by the amount of information you provided initially, I do not see why my answer was wrong in your opinion. – Bart Jun 28 '19 at 14:32

Force ssh to use only password issue

1 Answers1