Known_hosts의 키와 충돌이 있을 때 프록시 전달을 활성화할 수 있습니까?

tag-icon tag-icon ssh ssh-agent
Known_hosts의 키와 충돌이 있을 때 프록시 전달을 활성화할 수 있습니까?

호스트에 연결할 때마다

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:J6ErF8jeZVKGsg0db5u2hiNeQbH4pdGzPcbpGXZhOm8.
Please contact your system administrator.
Add correct host key in /home/ecarroll/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/ecarroll/.ssh/known_hosts:50
  remove with:
  ssh-keygen -f "/home/ecarroll/.ssh/known_hosts" -R "10.1.38.15"
ECDSA host key for 10.1.38.15 has changed and you have requested strict checking.
Host key verification failed.

입력할 필요를 피할 수 있습니다

  ssh-keygen -f "/home/ecarroll/.ssh/known_hosts" -R "10.1.38.15"

-o StrictHostKeyChecking=noSSH 호출에 사용됩니다. 그러나 내가 그랬더라도. 알겠어요,

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:ZVbYVYb0m3udeHMkycdZCF4HK7sGUzVnQmhTjDFTa6Y.
Please contact your system administrator.
Add correct host key in /home/ecarroll/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/ecarroll/.ssh/known_hosts:50
  remove with:
  ssh-keygen -f "/home/ecarroll/.ssh/known_hosts" -R "10.1.38.15"
Password authentication is disabled to avoid man-in-the-middle attacks.
Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.
Agent forwarding is disabled to avoid man-in-the-middle attacks.

하단에 이 줄이 보이실 겁니다.

Agent forwarding is disabled to avoid man-in-the-middle attacks.

그래도 될까요?아직프록시 전달을 사용하시겠습니까?

답변1

이 문제에 대한 해결 방법으로 파일을 삭제할 수 있습니다. 한 번만 삭제하면 되니 걱정하지 마세요. 그런 다음 이 두 가지 옵션을 혼합하여

StrictHostKeyChecking=no
UserKnownHostsFile=/dev/null

SSH 구성 파일에 넣거나 ~/.ssh/config별칭으로 만들 수 있습니다.

alias ssh0="ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"

그러면 추가 구성 없이 프록시가 전달되고 여러 상자에서 작동합니다.

관련 정보