Results 1 to 7 of 7

Thread: removing 'trusted' keys ssh..

  1. #1
    Join Date
    Mar 2008
    Location
    Sri lanka
    Beans
    764
    Distro
    Ubuntu 10.04 Lucid Lynx

    removing 'trusted' keys ssh..

    Hi.. I've installed the ssh server on my Ubuntu desktop and the very first time I accessed the server from my laptop, it got a message asking me whether to permanently add the key of the server. After I added this, it gave me a message saying that the key had been permanently added. My question is how do I remove this key? I just want to know how to do this because I'm going to disable password based logins and I want to start anew.

  2. #2
    Join Date
    Feb 2010
    Beans
    33
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: removing 'trusted' keys ssh..

    Quote Originally Posted by mahela007 View Post
    Hi.. I've installed the ssh server on my Ubuntu desktop and the very first time I accessed the server from my laptop, it got a message asking me whether to permanently add the key of the server. After I added this, it gave me a message saying that the key had been permanently added. My question is how do I remove this key? I just want to know how to do this because I'm going to disable password based logins and I want to start anew.
    Hi,

    just remove file ~/.ssh/known_hosts

    bye
    giammy
    Gianluca Moro
    The COMPUTER WITHOUT COMPUTER: http://www.cloudusb.net

  3. #3
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: removing 'trusted' keys ssh..

    Quote Originally Posted by giammy View Post
    Hi,

    just remove file ~/.ssh/known_hosts

    bye
    giammy
    That would remove all hosts with known keys. You can just edit that file and take out the line with the host you want to remove. Simpler to do tbh.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  4. #4
    Join Date
    Feb 2008
    Location
    Hamilton, Canada
    Beans
    Hidden!

    Re: removing 'trusted' keys ssh..

    Now, on the other hand, the entries in known_hosts are hashed, so you can't make heads or tails of it - but you can figure out which entry is which by logging into the remote host (if it has changed). The error message will tell you which line.

    Note that identical hosts with different hostnames will have different entries (i.e. "bob-1" and "192.168.0.101")

  5. #5
    Join Date
    Mar 2008
    Location
    Sri lanka
    Beans
    764
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: removing 'trusted' keys ssh..

    Sorry.. I didn't quite get that.

  6. #6
    Join Date
    Apr 2006
    Location
    Montana
    Beans
    Hidden!
    Distro
    Kubuntu Development Release

    Re: removing 'trusted' keys ssh..

    If you do not want to delete all the hosts in ~/.ssh/known_hosts, then simply:

    Code:
    ssh-keygen -R hostname
    Where hostname is the one you wish to remove.

    Beware of the warning :

    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
    Someone could be eavesdropping on you right now (man-in-the-middle attack)!
    It is also possible that the RSA host key has just been changed.
    The fingerprint for the RSA key sent by the remote host is
    f2:92:1d:da:81:2a:d7:16:0a:48:f0:43:20:1c:f4:b5.
    Please contact your system administrator.
    Add correct host key in /home/novak/.ssh/known_hosts to get rid of this message.
    Offending key in /home/novak/.ssh/known_hosts:1

    If you see this, confirm the server host key has changed before you simply delete the key from known_hosts, otherwise you may not be connecting to the server you think you are
    There are two mistakes one can make along the road to truth...not going all the way, and not starting.
    --Prince Gautama Siddharta

    #ubuntuforums web interface

  7. #7
    Join Date
    Apr 2008
    Beans
    98

    Re: removing 'trusted' keys ssh..

    Editing the known_hosts file does not change or remove the actual SSH key that is used for authentication. If you want to remove the key that is being used for that user, you need to take it out of ~/.ssh/authorized_keys on the host.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •