问题描述
使用SSH登录服务器的时候,如果服务器的证书发生了变化就会出现下面的提升:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:/npzxQurNof+eweGQDr+84AKgPiblVncqNMmUPquuxa.
Please contact your system administrator.
Add correct host key in /Users/liam.mazy/.ssh/known_hosts to get rid of this message.
Offending ED25519 key in /Users/liam.mazy/.ssh/known_hosts:26
ED25519 host key for 192.168.1.1 has changed and you have requested strict checking.
Host key verification failed.
如果设置了使用证书登录或者SSH的端口不是默认的端口,错误的提示如下:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:o2acVJFVEgSxAtwIC9W5GMFOXx4pNde7KV/i3EbjApU.
Please contact your system administrator.
Add correct host key in /Users/liam.mazy/.ssh/known_hosts to get rid of this message.
Offending ED25519 key in /Users/liam.mazy/.ssh/known_hosts:26
Host key for [192.168.1.1]:11022 has changed and you have requested strict checking.
Host key verification failed.
手动解决方法
解决方法也很简单,只要执行ssh-keygen -R <host>
命令之后再次使用ssh登录就可以了,如ssh-keygen -R 192.168.1.1
或 ssh-keygen -R [192.168.1.1]:11022
。
使用Trigger自动执行
每次都需要手动输入ssh-keygen
命令中的服务器ip非常麻烦,可以使用iTerm2的Trigger功能,自动执行上面的命令。
打开Trigger
点击iTerm2-Preferences...(⌘
+,
),然后点击Profiles标签,选择✭ Default
默认的Profile,这样所有的Profile都可以使用这个Trigger了。接下来点击右边的Advanced
标签,在Triggers
下面点击Edit
按钮。
设置Trigger规则
点击+
创建一条触发规则:
- Regular Expression:
(?i)host key for (.*) has changed and you have requested strict checking
这里用了正则表达式,(?i)
表示忽略大小写,中间的(.*)
为了获取主机IP。 - Action:
选择Send Text...
- Parameters:
ssh-keygen -R \1\r!-2\r
上面的\1
用来获取前面正则表达式中的第一个Group,即主机IP;\r
表示回车换行,即执行命令;!-2
表示向前数第二个命令,即最开始执行的ssh命令。
如下:
最终的效果如下:
参考资料:
ssh remote host identification has changed
Regex: ignore case sensitivity
How do I repeat the last command without using the arrow keys?