Fix: SSH Connection Problem With Host Key Verification Failed Error

The “Host Key Verification Failed” error occurs when a known host has changed its authentication key or when a man-in-the-middle attack occurs in your network. If you are having this SSH Connection problem, then worry not, as this guide has got you covered.

If you want to jump directly at the solution, then scroll down to the solutions section. Otherwise, let’s begin with some basics related to this problem.

What Does the “Host Key Verification Failed” Mean?

Whenever you try connecting to an SSH Server, you are prompted with a confirmation asking you if you are connecting to the correct server and also if you trust the server. After confirming your action (typically by typing “yes”), the information about this remote server or SSH Server is stored inside the “known_hosts” file. This contains the information about the Authentication Key as well as your other preferences for that particular server.

The SSH Connection Confirmation Prompt

The next time you try connecting to the same remote host, the information is taken from the “known_hosts” file. If there are no changes, then the connection is successful. However, if the Host has made changes in the Remote Server, and the configuration settings in the known_hosts file are not updated, then the connection returns the “Host Key Verification Failed” Error.

This error can also occur when someone is trying to deceive you into logging in to their dummy/fake remote server to get the details of the SSH Connection:

Error Prompting a MITM Attack

Now that we understand the error. Let’s head over to its solution.

How to Fix SSH Host Key Verification Failed Error?

To fix this error, you need to make changes to the “known_hosts” file. Apart from the changes, you can actually delete the known_hosts file from your system. Let’s go through these methods one by one.

Method 1: Delete The Old Key From the known_hosts File

The first method is simple if the SSH host has updated or changed their authentication key. Then you need to remove the old key from the known_hosts file. For this, you can utilize the ssh_keygen. To do this, open up a new terminal and use the following syntax:

ssh-keygen -R HOSTNAME

However, make sure to replace the “HOSTNAME” with the actual hostname (or IP Address) of the remote host that you are trying to connect to. Afterward, retry the connection with the remote host using the updated key, and the connection will be successful.

Method 2: Manually Remove the Key Using the sed Command

Typically, whenever you encounter this error, the error prompt will contain the line number on which the information or key information is placed for that particular host. Suppose that the line number is “15” within the known_hosts file. What you have to do is to delete line 15 from the known_hosts file using the following command:

sed -i '10' ~.ssh/known_hosts

Alternatively, you can also use the Vim editor. To open up the known_hosts file with the pointer on the exact line that you need to delete, use the following command:

vim +10 known_hosts

Here, “+10” defines the line number. Once inside the Vim editor:

  • Press the “d” key twice.
  • Press the Colon “:” and type “x” and then press the “Enter key” to save the changes made to the known_hosts file.

Retry the connection with the updated key, and this time around, it will be successful.

Method 3: Delete the known_hosts File

Sometimes, the known_hosts file corrupts and causes the SSH connection to fail. In such cases, changing the already corrupted known_hosts file doesn’t help. Therefore, you need to delete the known_hosts file entirely in this case.

In the case of Linux, you can use the following command to delete the known_hosts file:

sudo rm .ssh/known_hosts

Once you have deleted the known_hosts file, connect to the remote host again and provide the correct and updated key.

For PuTTy Windows, follow the following steps:

  • Press the “Win+R” key combination to open up the run prompt.
  • Type ‘regedit.exe’ and press the enter key to open up the registry editor.
  • Head over to “HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys”
  • Delete All Keys

Method 4: Disable the SSH stricthostkeychecking Option

The “stricthostkeychecking” is a security feature that can sometimes cause hindrance while trying to connect to a remote host. Obviously, you wouldn’t want to disable a security feature for all connections. There, use the following flag to disable this option only for a particular host during the SSH Connection:

ssh -o StrictHostKeyChecking=no hostname

Make sure to replace the “hostname” with the actual hostname of the remote server that you are trying to connect to.

This wraps up all the solutions for this error. Make sure to check out our other tutorials here!

Dracula VPS Hosting Service

Dracula Servers offers high-performance server hosting at entry-level prices. The plans include Linux VPS, Sneaker Servers, Dedicated Servers & turnkey solutions. If you’re looking for quality self-managed servers with high amounts of RAM and storage, look no further.

Check the plans for yourself by clicking Here!

Wrap up

The SSH Connection error “Host Key Verification” occurs when the remote host has changed its authentication key, but the client’s PC holds the old Key in the “known_hosts” file. To fix this, the user must make changes in the host_key file or delete it completely. Another possible fix is to disable the strict host key checking option during the SSH connection.

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments