On 03/11/2012 06:24 PM, Anne Wilson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> In the past I have regularly done updates on my server using ssh
> access from this laptop.  I can no longer do this.  It may be
> connected with the fact that I installed keychain on both the server
> and the laptop?
>
> However - strict-checking is set to "ask" which seems to be the
> default.  I get
>
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> Someone could be eavesdropping on you right now (man-in-the-middle
> attack)!
> It is also possible that the RSA host key has just been changed.
> The fingerprint for the RSA key sent by the remote host is
> e7:69:b4:4a:b3:31:39:c3:44:42:0a:b5:42:99:de:13.
> Please contact your system administrator.
> Add correct host key in /home/anne/.ssh/known_hosts to get rid of this
> message.
> Offending key in /home/anne/.ssh/known_hosts:3
> RSA host key for 192.168.0.40 has changed and you have requested
> strict checking.
> Host key verification failed.
>
> On the server I used ssh-keygen to list the fingerprint, and it
> matches the above.

After you have verified that the target host is the host you think it is
you should be able to remove the old fingerprint like this:

ssh-keygen -R target_hostname

Kevin