How to fix the warning: remote host identification has changed! error

Whether you’re connecting with an SFTP client or SSH via the terminal, a common error that comes along is the “warning: remote host identification has changed!” This prevents you from connecting to your website or server. This happens to me now and then, and it’s very annoying, as I’m usually in a hurry to fix something. This error brings me to a halt. 

Below I’ll walk you through a few quick and easy ways to resolve the error and get connected again. 

What is the “warning: remote host identification has changed!” error?

The error below typically occurs when your SSH keys or server’s connection information has changed. For example, if you recently migrated your website to a new hosting provider, your IP address would be different.

The connection information (IP address and credentials) on your Mac is stored in your known_hosts file. On Windows, it’s stored in the registry. When you use an SFTP client (my favorite is ForkLift) or SSH client (PuTTY), it uses the information to connect to the webserver.

[user@hostname ~]$ ssh root@user
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
xx:xx:xx.
Please contact your system administrator.
Add correct host key in /home/hostname /.ssh/known_hosts to get rid of this message.
Offending RSA key in /var/lib/sss/pubconf/known_hosts:3
RSA host key for xxx.xxx.xx.xxx has changed and you have requested strict checking.
Host key verification failed.

How to fix your known_hosts file on Mac 

There are a couple of ways to go about fixing your known_hosts file on a Mac. I prefer using an app, as it’s quick and easy. I never have to remember terminal commands. But I’ll walk you through both methods.

Option 1: Fix known_hosts file with an app (easiest method)

An awesome app called SSH Config Editor lets you manage your SSH client configuration file and other settings. There is a pro version, and I always recommend supporting developers when you can. If you’re on a tight budget, the free version is enough to manage your known_hosts file. Follow the steps below. 

Step 1

Install the free SSH Config Editor app.

Step 2

Open SSH Config Editor and click on “File → Open Known Hosts.”

Open known_hosts file
Open known_hosts file

Step 3

Find and highlight the entry that is having the issue. If you aren’t sure which one to choose, you should look up your old and current IP address. If you’re hosting with a provider like Kinsta, this is called your “Site IP address” and can be found in your MyKinsta dashboard. 

Then click the trash can icon to delete the entry. Another option would be to remove all the entries.

Delete known_hosts entry
Delete known_hosts entry

Step 4

Click “Remove” on the following prompt:

Do you want to remove “[xx.xxx.xx.xxx]:xxxxxx” from known hosts?

Step 5

Close the window and click “Save” on the following prompt:

Do you want to save the changes made to the document “known hosts”?

You should now be able to connect to your website and or server again.

You probably won’t need the SSH Config Editor app that often, so I don’t recommend pinning it to your dock. Just leave it installed for the occasions when you do get the connection error. 

Option 2: Fix known_hosts file from the terminal

The second option is to clean up the entry from your known_hosts file using the terminal. Follow the steps below.

Step 1

Open the Terminal app. The quickest way is to launch Spotlight and search for “terminal.” Or you can find it under “Utilities → Terminal.”

Mac terminal
Mac terminal

Step 2

Paste the following command.

nano ~/.ssh/known_hosts

Step 3

Remove the entry that is having the issue. If you aren’t sure which one to choose, look up your old and current IP address. Another option would be to remove all the entries. 

Step 4

Type Ctrl + X (^X) to exit and select Y for yes when prompted if you want to save the modified buffer.

Terminal nano editor
Terminal nano editor

You should now be able to connect to your website and or server again.


Alternatively, you could delete your entire known_hosts file and let it repopulate. Enter the following command in the terminal. 

rm .ssh/known_hosts

How to fix your known_hosts file on Windows 

Before switching from Windows to Mac, I actually never encountered this error. But I’m documenting the following for you just in case. On Windows, they don’t have a known_hosts file, the information (IP address and credentials) is stored in the registry. Follow the steps below. 

Step 1

Open your start menu and search “regedit.” Click “Enter.”

Regedit
Regedit

Step 2

Browse to the following registry folder:

HKEY_CURRENT_USER\SoftWare\SimonTatham\PuTTY\SshHostKeys
Registry Editor SshHostKeys
Registry Editor SshHostKeys

Step 3

Within the “SshHostKeys” folder, remove the entry that is having the issue. If you aren’t sure which one to choose, look up your old and current IP address. Another option would simply be to remove all the entries. 

Click “Yes” when you get the following prompt: 

Deleting certain registry values could cause system instability. Are you sure you want to permanently delete this value?

Close the Registry Editor. You should now be able to connect to your website and or server again.

Summary

It’s always annoying to run across errors like these. You would think by now they would have easier ways built into the operating systems to resolve them. For now, we’ll have to resort to our step by step troubleshooting processes.

Hopefully, now you have connected again and are back at work! If this was helpful or you had a problem, leave a comment below.

Brian Jackson

I craft actionable content and develop performance-driven WordPress plugins. Connect on Twitter or subscribe to my newsletter (twice a month, no spam).

Leave a Comment