. Advertisement .
..3..
. Advertisement .
..4..
I get the “the authenticity of host can’t be established” issue when trying to ssh to a machine. Here is the detail of the error I got the error message:
The authenticity of host '<host>' can't be established.
ECDSA key fingerprint is SHA256:TER0dEslggzS/BROmiE/s70WqcYy6bk52fs+MLTIptM.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'pc' (ECDSA) to the list of known hosts.Please give me some advice to solve this problem.
The cause: I think this error occurs if you frequently edit keys, this warning will appear owing to security features; do not disable this feature. This warning only appeared once. If the problem persists after a second connection, the issue is most likely with writing to the
known_hostsfile. After that, you’ll receive the following message:The solution: To solve this problem you can change the file’s owner or make it writable by your user by fixing the file’s permissions.
An old question that deserves a better response.
Without disabling
StrictHostKeyChecking, you can disable interactive prompt (which is insecure).The following logic can be incorporated into your script:
It checks to see if the public key for the server is in
known_hosts. It checks if the public key of the server is inknown_hosts. If it is not, it requests it from the server and adds that toknown_hosts.This means that you will be exposed to Man-In the-Middle attack once only.