引擎场中的 SSH
我在 EY 上部署 Ruby on Rails 时遇到了一些大问题。支持人员表示我需要 SSH 来清除错误...但我得到以下信息:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
80:4c:5f:dd:98:bb:cb:01:6c:a9:11:41:29:56:66:86.
Please contact your system administrator.
Add correct host key in /Users/jameshughes/.ssh/known_hosts to get rid of this message.
Offending key in /Users/jameshughes/.ssh/known_hosts:1
RSA host key for ec2-184-73-167-153.compute-1.amazonaws.com has changed and you have requested strict checking.
Host key verification failed.
[Process completed]
如何将正确的密钥添加到 Known_hosts 文件?
I've got some large problems with my ruby on rails deployment on EY. Support has said I need to SSH in to clear the errors... but I get the following:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
80:4c:5f:dd:98:bb:cb:01:6c:a9:11:41:29:56:66:86.
Please contact your system administrator.
Add correct host key in /Users/jameshughes/.ssh/known_hosts to get rid of this message.
Offending key in /Users/jameshughes/.ssh/known_hosts:1
RSA host key for ec2-184-73-167-153.compute-1.amazonaws.com has changed and you have requested strict checking.
Host key verification failed.
[Process completed]
How do I add the correct key to the Known_hosts file?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
在您喜欢的文本编辑器中打开
known_hosts,找到“ec2-184-73-167-153.compute-1.amazonaws.com”条目并删除整行。下次您通过 ssh 登录时,它会将正确的密钥添加到known_hosts文件中。请注意,此错误是出于安全目的,因此我假设您知道没有发生“中间人”攻击,并且服务器密钥实际上已更改。如果没有,可能还有其他事情发生。
Open up
known_hostsin your favorite text editor, find the entry for "ec2-184-73-167-153.compute-1.amazonaws.com" and delete the entire line. The next time you ssh in, it will add the correct key to theknown_hostsfile.Note that this error is for security purposes, so I'm assuming that you know that there is not a "man-in-the-middle" attack going on and that the server key has actually changed. If it has not, there might be something else going on.
要解决“权限被拒绝(公钥)”问题,您需要通过“工具”菜单将公钥添加到engineyard,然后将更改应用到您的环境(通过单击“应用”)。
希望有帮助。
To fix your "Permission denied (public key)" problem, you'll need to add your public key to engineyard via the Tools menu, then apply your changes to your environment (by clicking apply).
Hope that helps.
更新
请参阅下面@womble 的评论和我的回复。正如 @womble 所指出的,如果您使用
StrictHostKeyChecking no您将面临中间人攻击。我已经与 EngineYard 讨论过这个问题(上次我检查时,他们在帮助文档中建议使用StrictHostKeyChecking no)。我相信使用StrictHostKeyChecking=ask是更好的选择。有谁知道是否有比使用StrictHostKeyChecking=ask更好的解决方案?我遇到了同样的问题,这似乎对我有用。你只需要在“'~/.ssh/config'':”之后添加“StrictHostKeyChecking no”即可。Engineyard
有一篇非常好的文章。中间的那个人问题接近底部。
http://docs.engineyard.com/ssh-keys-and-configuration.html
现在,当我使用 SSH 时,我仍然收到警告,但能够访问服务器。在停止并重新启动实例后,我开始收到警告。
Update
Please see @womble's comment below and my reply. As @womble notes, if you use
StrictHostKeyChecking noyou will be open to man in the middle attacks. I've talked with EngineYard about this (last time I checked,StrictHostKeyChecking nowas what they were recommending in their help documentation). I believe usingStrictHostKeyChecking=askis a better alternative. Does anyone else know if there is a better solution than usingStrictHostKeyChecking=ask?I ran into the same issue and this seemed to work for me. You just need to add "StrictHostKeyChecking no" to after "'~/.ssh/config'':"
Engine yard has a pretty good article on it. The Man in the middle issue is near the bottom.
http://docs.engineyard.com/ssh-keys-and-configuration.html
Now when I SSH I still get the warning, but am able to access the server. I started getting the warning after I stopped and restarted my instance.