If you attempt to SSH to a server and receive a message similar to the below:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
23:43:66:2a:ac:53:d9:62:8c:af:03:5f:6b:67:b7:86.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:5
RSA host key for server.example.com has changed and you have requested strict checking.
Host key verification failed.
lost connection
The primary reason for this is if you have recently reinstalled a server at the same IP address as another server you used to SSH to. If this is the case then modify your ~/.ssh/known_hosts file and remove the entry for this IP address.
If you have not recently changed something on the server you are SSH’ing to then immediately take the server you are connecting to offline and investigate the possibility that it has been hacked. Also be careful of your connection between the server you are connecting from and the server you are connecting to. It is possible you are experiencing a man in the middle attack or MITM.
