A secure internet connection is not simply the ideal — it's essential. In fact, we're going to get every bit far as saying it's the number one priority for your website. The "Alert: Remote host identification has changed" mistake protects your connection from certain malicious attacks, although in some cases, you lot can inadvertently cause the mistake too.

The error is related to your Secure Beat out (SSH) keys and the server "fingerprint" a customer will check for. If Secure Shell thinks in that location's an event, it will cake access to your server and throw an error. But you can fix this in a few steps.

Over the side by side few minutes, nosotros're going to testify y'all how to fix the "Warning: Remote host identification has changed" error for both Windows and Mac. Beginning, though, let's give you some more than details on the error message itself.

A secure net connection is non but the ideal — it's essential 💪 While information technology may exist annoying, this mistake protects your connection from attacks. 🙅‍♀️ Learn more ⬇️ Click to Tweet

What the "Warning: Remote Host Identification Has Changed" Error Is

Ane of the most secure means to connect to a web server is to use SSH. It'south a command-line tool that lets you lot access an insecure network securely. Consider it similar a "super-SFTP" type of setup, although it'south not a 1:i comparison in practice.

You can access your site from almost anywhere you can utilize the cyberspace, as long as you lot accept the right login credentials. What's more than, almost macOS and Linux machines accept an SSH client congenital into the Operating System (OS). For Windows, you'll apply a dedicated interface (and we'll talk about this in more particular later).

As for the "Alert: Remote host identification has changed" error, it relates to the security checks your client will do. An SSH connection uses dedicated "keys" — modest files stored on your computer — as hallmark. Information technology's sort of like a Secure Sockets Layers (SSL) handshake, and in fact, there are some high-level similarities between SSH and SSL.

One aspect the keys aid with is to provide a permanent fingerprint of its host server. This will brand certain the connection is authentic and that you're not subject to a "motorcar-in-the-center" attack.

If the client thinks those fingerprints differ from what it understands to be correct, you'll get the "Warning: Remote host identification has changed" error at the point of login:

          [[email protected] ~]$ ssh [email protected]  @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@  @ WARNING: REMOTE HOST IDENTIFICATION HAS Inverse! @  @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@  It IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!  Someone could exist eavesdropping on y'all right now (man-in-the-eye attack)!  It is also possible that a host key has only been changed.  The fingerprint for the RSA key sent by the remote host is  twenty:xx:xx.  Delight contact your organization administrator.  Add correct host primal in /home/hostname /.ssh/known_hosts to become rid of this message.  Offending RSA key in /var/lib/sss/pubconf/known_hosts:4  RSA host key for user has changed and you have requested strict checking.  Host primal verification failed.

Equally errors go, this is detailed and clear — it tells you lot what'south happened, a potential reason for why, and how you might ready it.

However, there's one aspect nosotros can touch on a petty further before showing you lot how to fix the "Warning: Remote host identification has changed" mistake.

How the known_hosts File Helps SSH Authentication

You'll notice that the error message references a known_hosts file. The name should give you lot a inkling as to what it contains, but for clarity, it's a list of SSH remote hosts known to the estimator. Information technology's used equally a reference client file for the authentication procedure.

When you kickoff connect to a server, you'll ofttimes get a confirmation request through your interface, asking whether you want to connect. If so, this fingerprint will become part of your known_hosts file.

Of course, if the fingerprint differs from what is in the known_hosts file, this could indicate a malicious user is targeting you lot. In other cases, yous may already know why there's a difference, although information technology pays to be vigilant regardless.

How To Fix the "Alarm: Remote Host Identification Has Changed" Error (on Windows and Mac)

You lot can work to fix the "Alarm: Remote host identification has inverse" error for both Windows and macOS. However, you lot have more flexibility for doing so on Mac.

We'll comprehend lots of the ways you can make things right again, starting with Windows.

i. Windows

It'southward of import to note that Windows machines might not have a known_hosts file. Nevertheless, if you apply the OpenSSH customer, at that place is a file. To find information technology, open the Windows search bar, and navigate to your user binder with the %USERPROFILE% command.

This will open the directory inside the File Explorer. There will also exist a .ssh folder within:

The Windows File Explorer.
The Windows File Explorer.

The file we desire in this binder is known_hosts. You can open this with Notepad (or your favorite text editor). Inside will be a list of keys:

The Windows known_hosts file.
The Windows known_hosts file.

Hither, you can delete the key that's causing the problem, then resave the file.

Subscribe At present

Some users may prefer the PuTTY client. The keys sit in the Registry, although they perform the same purpose as OpenSSH.

You'll desire to open the Windows Registry Editor (otherwise known as "regedit"). Yous tin practice this in whatever manner yous're comfortable, but the quickest way is to type the app's name into Window'due south search bar:

The Registry Editor link in the Windows Start menu.
The Registry Editor link in the Windows Start bill of fare.

Here, look for the following destination within regedit:

          HKEY_CURRENT_USER/Software/SimonTatham/PuTTY/SshHostKeys/

Yous'll see a listing of entries hither relating to the saved connections on your computer. Your job is to delete whichever one is causing an issue:

Deleting a Registry key in regedit.
Deleting a Registry key in regedit.

One time you click on the Delete button, you'll also need to confirm that you lot want to remove the central:

The Confirm Value Delete dialog.
The Confirm Value Delete dialog.

Clicking Yep here means the key volition exist gone for good, and you shouldn't become the "Warning: Remote host identification has changed" error any longer.

ii. Mac

The Mac has a couple of ways to fix the "Warning: Remote host identification has changed" error — either through a premium app such as SSH Config Editor or the Terminal. The results volition exist the same, so we advise you to choose whichever option is more than comfortable (and budget-friendly).

Our preferred approach is to admission the file within a Concluding window (or iTerm2 if you use that app), and also open up it with a dedicated Nano or Vim editor. This is considering it's accessible to everyone and straightforward to utilise regardless of your experience level.

Hither, nosotros're going to use Nano. Beginning, open up your Last using whatever process is nigh comfortable:

Opening the Terminal from Spotlight.
Opening the Terminal from Spotlight.

From hither, run the nano ~/.ssh/known_hosts command in your window. This will open a new Nano instance and brandish the keys within your known_hosts file:

The Nano editor with the known_hosts file open.
The Nano editor with the known_hosts file open.

You should delete the key causing the "Warning: Remote host identification has changed" mistake, then salve your changes.

You might likewise want to delete the unabridged known_hosts file, especially if you only use SSH for i or 2 sites. To exercise this, you lot can run rm .ssh/known_hosts in a Terminal window.

There's 1 more method to alter the known_hosts file on Mac: using the ssh-keygen utility from the command line. This is corking if yous don't want to dig into the file itself, or if you desire to work with merely ane site or key.

To attain this, open a Last window and run ssh-keygen, followed by your server hostname. For example:

          ssh-keygen -R server.example.com

This won't inquire you if you want to delete the specified lines, so make sure you're removing the right ones before proceeding:

Using ssh-keygen to delete from the known_hosts file.
Using ssh-keygen to delete from the known_hosts file.

Once this is done, you shouldn't get the "Alert: Remote host identification has changed" error from there on out.

Ever seen this fault? 😅 It's not always a bad thing (information technology'south protecting your connection from malicious attacks!), but it tin be accidentally caused by your ain activity. 😬 Learn more in this guide ⬇️ Click to Tweet

Summary

Spider web security isn't just about installing plugins and creating a strong countersign. The connections you employ to log into servers need your utmost attention. If y'all don't want to be bailiwick to a auto-in-the-center assault, you'll want to utilise SSH access when you log in.

However, the arrangement works almost as well well. Yous may become the "Alarm: Remote host identification has changed" error for a few reasons, and some are innocent.

Regardless, y'all can fix the error in no time through a Command Prompt or Last, using just a scattering of commands.

Save time, costs and maximize site performance with:

  • Instant aid from WordPress hosting experts, 24/7.
  • Cloudflare Enterprise integration.
  • Global audience attain with 29 data centers worldwide.
  • Optimization with our built-in Application Performance Monitoring.

All of that and much more, in one plan with no long-term contracts, assisted migrations, and a 30-24-hour interval-money-dorsum-guarantee. Check out our plans or talk to sales to detect the program that'south correct for you lot.