SSH Server and Client Most Known Error Messages

Hopefully you won’t face critical errors when using SSH, however, things can go wrong sometimes. SSH Server and Client Most Known Error Messages will cover only the errors that I have faced so far while I was setting and testing my Web Hosting Server Solution. I will keep this article open in case I seen more new errors, please feel free to email me if you have faced different errors.

Objectives:

Troubleshoot Common SSH Server/Client Error Messages

Prerequisites:

A. Basic Debian or Red Hat Linux Knowledge

B. Login to your DigitalOcean or Vultr Account

Note: I have found the following site as well for more errors you might face while setting up SSH  http://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter10.html

Recommendations:

For better performance, use VPS with at least 2 CPUs, 4G Memory, 1G Bandwidth, and SSD Storage drive.

Warning: Remote Host Identification Has Changed

First of all, don’t panic. You will probably face this Warning one day, especially if you do a lot of testing like me. Briefly, if you face the following Warning, your Admin Station’s SSH Client is confused and due to this confusion, it’s suspecting a Man in the Middle Attack.

It happens for too many reasons, one of them, when you destroy and recreate the VPS again (using the same SSH-Keys) from a snapshot/backup image or even New VPS, which can hold the same IP Address that has been used previously, therefore, your SSH client confused because the New VPS that you have just created carries the same IP Address, same Public Key, but Different Server’s Key Fingerprint.

Using Putty

It will show the Same Message, however, it provides you the ability to Click Yes and Update the cache. To be in the safe side, always verify the server’s key fingerprint before clicking Yes.

Using Linux/UNIX SSH Client

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
da:05:8d:35:00:a5:3e:d9:07:f8:6d:a7:0a:30:7c:3e.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /root/.ssh/known_hosts:1
ECDSA host key for 45.55.128.172 has changed and you have requested strict checking.
Host key verification failed.

Analyzing the Warning…

It’s important to mention that all legitimate hosts (Your VPS Instances) resides under /root/.ssh/known_hosts. It appears that the offending host located at line1.

[...]
Offending ECDSA key in /root/.ssh/known_hosts:1
[...]

Since you are going to reinitialize the connection again, you can safely remove the problematic line using the following command:

sed -i '1d' /root/.ssh/known_hosts

If the problematic key happens to be on line 4, then replace 1 with 4.

Or, run the following command:

ssh-keygen -R YOUR-VPS-IP-ADDRESS

Switch -R will fix the problem by removing the offending host. Now, try to connect again.

Subject Related

By | Wikipedia OpenSSH | ArchLinux SSH | tartarus SSH | DocStore.Mik.ua SSH | WinSCP Error Codes