Question

Public Key SSH doesn't match and is changing

I’ve created a public/private key pair according to the Ubuntu initialization tutorial and the public key is correctly set up. I create a new user and grant it administrator access and it uses the public key to login via ssh. Root user is prohibited in ssh login due to security concerns.

My problem is, sometimes I can successfully connect to the server by ssh user@ipaddress And sometimes when I do this it will tell me there “REMOTE HOST IDENTIFICATION HAS CHANGED!”, from which I found that the fingerprint is different from what it should be, so I need to delete the old key in “known_hosts” file and accept a new public key. If I continue by accept the new key, the ssh session will ask me to type the password of the user, while there’s no need to enter the password in normal case since I have the private key. And even if I fill in the correct password for the user, I still cannot log in.

More interestingly, sometimes I didn’t do anything to the problem and came back a few hours later and try to connect via ssh again, I will find that the fingerprint changed AGAIN! After accept the key, I can correctly login into the server!

So my problem is, why the fingerprint is changing? Am I under attack? Why it will ask me to enter the password while it is not supposed to ask for it?

Thank you!


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

This comment has been deleted

You’re somehow ending up at a different server. Most likely a proxy/firewall on your end.