Loading

迁移ssh host key方法

诉求

重新配置服务器,不希望用户感知到host key发生变化,报错known_hosts冲突问题。

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:FqvUm19I/**********5OP6SCWDU2ZcLV5SR14WllEQ.
Please contact your system administrator.

解决

从原始服务器备份host key文件再覆盖到新环境

# from old server
sudo cp -a /etc/ssh/ssh_host_* ./
# to new server
sudo cp -a ./ssh_host_* /etc/ssh/

注意文件权限,公钥644私钥600所有者为root

参考

how to backup/restore the host key in ssh server - Ask Ubuntu

posted @ 2022-08-30 15:15  azureology  阅读(204)  评论(0)    收藏  举报