On UNIX-like systems like Linux and Mac OS, the known_hosts file is located at ~/.ssh/known_hosts. You can remove entries from this file manually (with a text editor), but If you're using a system that bundles a command-line SSH client, it probably includes the ssh-keygen
utility. You can examine the host key you have stored for a server with the command "ssh-keygen -F <hostname> -l
":
Code Block | ||||
---|---|---|---|---|
| ||||
$ ssh-keygen -F gl.umbc.edu -l
# Host gl.umbc.edu found: line 187
gl.umbc.edu ECDSA SHA256:wSwjkRNKOUxWYi8XaCFSOyQwhnSctdagnVdlD9Y/5Lw |
If the host key fingerprint for a server has changed, and you've verified that the new fingerprint is authentic, you can remove old entries with the command "ssh-keygen -R <hostname>
":
...