Managing RSA Keys on Linux and OS X

Posted by Aaron West at 9:46 AM in ColdFusion, Linux, Mac

My Web sites have been hosted on Linux since 2002. About a year ago I moved some sites to a Linux virtual private server at Viviotech and have recently created setting up a new Linux server over at Linode. Linode is a Linux virtual server platform powered by Xen (Wikipedia) and was started by a friend (and past co-worker) of mine. If you're in need of Linux hosting I highly recommend Linode!

I began setting up my Linode with CentOS 4 since I was already familiar with it. But after having conversations with Chris at Linode I decided to nuke the CentOS distro and install Ubuntu. After doing this I ran into an issue the first time I attempted to connect to the server using ssh. Here's an example of what I saw when connecting.

Continue Reading

Aaron West's Gravatar
About this post:

This entry was posted by Aaron West on December 7, 2008 at 9:46 AM. It was filed in the following categories: ColdFusion, Linux, Mac. It has been viewed 15466 times and has 3 comments.

3 Responses to Managing RSA Keys on Linux and OS X

  1. Hey Aaron, thanks for this tip - just ran into it. However, I have many RSA known hosts in my known_host file so i didn't want to rm the entire file. Rather, it is simple enough to do the following:
    $ nano /Users/[username]/.ssh/known_hosts

    Notice in the error message you received - "Offending key in /Users/aaron/.ssh/known_hosts:4" which indicates the bad key is on line 4. Double check the ip or domain in that line to ensure that it is the key for your remote server. Place cursor on that line and press ^K to delete the entire line. ^O to write the file. <enter>. ^X to exit.

    At this point you can re-establish your ssh connection with remote server.



  2. Doug, thanks for the comment. In addition to your solution I also recommend folks simply look for their servers IP address in the known_hosts file. If you want to be doubly sure you don't delete the wrong entry, match the IP address listed in the warning message with the IP address listed in the file. Then delete that line, save, and close.

  3. Thanks for your article, it resolve my problem.

    A simple rm or move of the file to regenerate my file.

    Thanks again.