See the Elephant

日常ブログ

sshでホスト名が重複した場合の解決方法

sshすると急にこんなエラーが出た.

$ server=web.i-xxxxx.ap-northeast-1; ssh $server

shuzon@xx.xxx.xxx.xxx's password:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:miserarenaiyo-hash.
Please contact your system administrator.
Add correct host key in /Users/shuzon/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /Users/shuzon/.ssh/known_hosts:40
ECDSA host key for ip-xx-xx-xx-xxx.ap-northeast-1.compute.internal has changed and you have requested strict checking.
Host key verification failed.
Killed by signal 1.

よく読むと, known_hostの40行目に問題を引き起こすhost keyがある と書いてある

Offending ECDSA key in /Users/shuzon/.ssh/known_hosts:40

どうやら /Users/shuzon/.ssh/known_hosts にこれまでsshしたサーバのホスト名を記録しているようだ.

偶然ipアドレスが衝突した時に起こるエラーだそうで, known_hosts から対象hostを消すことで対処できた.

qiita.com

この記事を参考にした.

$ssh-keygen -R ip-xx-xx-xx-xxx.ap-northeast-1.compute.internal
/
# Host ip-xx-xx-xx-xxx.ap-northeast-1.compute.internal found: line 40
/Users/shuzon/.ssh/known_hosts updated.
Original contents retained as /Users/shuzon/.ssh/known_hosts.old

これで接続できる.