When you use SSH to login to a remote system, the host's identification key is stored inside your user's home folder. If you try to SSH into the remote system again in the future, your computer will check to make sure that you're logging into the same system as before. Sure, the IP address or hostname might be the same, but maybe a different system has taken over that IP or hostname. If that's the case, you wouldn't want to enter your password into the foreign system.

When this is detected, you'll receive a warning to the effect of WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!. Then again, sometimes a remote host's keys could have changed for a perfectly legitimate reason. If you know this to be true, then you can ignore the warning.

In this guide, we'll show you how to bypass the SSH remote host warning, as well as permanently remedy the problem on a Linux system. Read on to see how.

In this tutorial you will learn:
  • How to remove invalid SSH host key from config
Fixing the remote host has changed warning message
Fixing the remote host has changed warning message
Software Requirements and Linux Command Line Conventions
Category Requirements, Conventions or Software Version Used
System Any Linux distro
Software OpenSSH
Other Privileged access to your Linux system as root or via the sudo command.
Conventions # - requires given linux commands to be executed with root privileges either directly as a root user or by use of sudo command
$ - requires given linux commands to be executed as a regular non-privileged user
WARNING
You should only ignore this warning message if you're confident that the remote system has not been replaced by a remote system (man in the middle attack). Otherwise, your username and password data could be compromised.

Remove invalid SSH host key


SUBSCRIBE TO NEWSLETTER
Subscribe to our NEWSLETTER and receive latest Linux news, jobs, career advice and tutorials.


In order to get rid of the warning message, we need to update the key that we have stored for the remote host. The key will be stored inside your ~/.ssh/known_hosts file. You can see the contents of this file with the following command.

$ cat ~/.ssh/known_hosts

To remove the offending line, use the following command. Just as an example, we'll remove the line associated with host linuxconfig.org.

$ ssh-keygen -f "/home/linuxconfig/.ssh/known_hosts" -R "linuxconfig.org"

The output of the warning will usually generate the command above for you automatically. So it's as simple as copying and pasting the line on your screen. Just be careful that you trust the remote system. Now we can simply SSH into the host and accept the new host keys as normal.

FIND LATEST LINUX JOBS on LinuxCareers.com
Submit your RESUME, create a JOB ALERT.
LINUX CAREER NEWSLETTER
Subscribe to NEWSLETTER and receive latest news, jobs, career advice and tutorials.
DO YOU NEED ADDITIONAL HELP?
Get extra help by visiting our LINUX FORUM or simply use comments below.