Mac OS X Remove SSH Known Host

I‘ve reinstalled Linux on remote server and now trying to connect it over ssh using Mac OS X:
ssh user@server1.example.com

But I’m getting an error which read as follows:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
5c:9b:16:56:a6:cd:11:10:3a:cd:1b:a2:91:cd:e5:1c.
Please contact your system administrator.
Add correct host key in /Users/user/.ssh/known_hosts to get rid of this message.
Offending key in /Users/user/.ssh/known_hosts:1
RSA host key for server1.example.com has changed and you have requested strict checking.
Host key verification failed.

How do I fix this problem under Mac OX X?

You need to run the following command to get rid of this problem. Open the terminal application and then type the following command on your macOS Unix system:

ssh-keygen -R server-name
ssh-keygen -R server.ip.addre.ss
ssh-keygen -R 202.54.1.5
ssh-keygen -R server1.example.com
## for non-standard ssh port ##
ssh-keygen -R 'server1.example.com:PORT'
ssh-keygen -R 'server1.example.com:4122'

Fig.01: Removing /Users/user/.ssh/known_hosts file

We pass the -R option to the ssh-keygen command to remove all keys belonging to the specified hostname (with optional port number) from a known_hosts file. This option is useful to delete hashed hosts. We have ~/.ssh/known_hosts file which contains a list of host keys for all hosts the user has logged into that are not already in the systemwide list of known host keys.

Test it

Now you can connect to remote host with ssh or sftp or scp command:

ssh user@server1.example.com
ssh -p user@server1.example.com

Use -p Port to connect to on the remote host using given Port. This can be specified on a per-host basis in the configuration file such as ~/.ssh/config.

Getting help

The ssh-keygen command generates, manages and converts authentication keys for ssh. The ssh-keygen can create keys for use by SSH protocol version 2 and do other stuff for use. Hence, read the man page by typing the following commands:
man ssh-keygen
man ssh
man sshd


🐧 Please support my work on Patreon or with a donation.
🐧 Get the latest tutorials on Linux, Open Source & DevOps via:
CategoryList of Unix and Linux commands
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
14 comments… add one
  • Chichi Latté Apr 11, 2012 @ 13:05

    Much appreciated Vivek, this worked for me no probs!

  • Bike Jerry Dec 30, 2012 @ 16:45

    This helped me out as well – thank you, happy new year!

  • Craig May 28, 2013 @ 8:26

    Didn’t work for me, showed exactly what you said it would but when I try to SSH in it continues to show the original message… :-(

  • Ian Jul 21, 2013 @ 11:29

    Thanks for this. Had two ftp sites that Coda refused to connect to, but Cyberduck was happy with.

  • Hugo Aug 28, 2014 @ 3:44

    Worked great! Thank you!!

  • Cyril Sep 12, 2014 @ 21:36

    I was having the same problem as I was setting up a lots of routers with the same IP over ssh. What worked for me was to remove known_hosts file which is stored in ~/.ssh/knonw_host. So what I did was updating my /etc/bashrc file with the following lines:

    rmknownhosts()
    {
    rm ~/.ssh/known_hosts
    }

    Than when this message appeared I simply typed rmknownhosts and delete the file.

    I don`t know if this is right step to deal with that. But it definitely worked for me.

    Hope that helps.

  • Lou Sep 14, 2014 @ 6:01

    Worked for me… I just needed to clear the 1 entry of “[myserver].com”
    ssh-keygen -R [myserver].com

  • Bogdan Nov 20, 2014 @ 10:24

    Great, exactly what I needed quick and simple. Thank you!

  • James May 27, 2015 @ 15:58

    Unfortunately I don’t think this command actually did anything.

  • Jan Jul 17, 2015 @ 16:28

    Thanks!

  • Sai Aug 20, 2015 @ 17:50

    It worked by using the following commands:

    cd /Users/Username/.ssh/Known_hosts
    ssh-keygen -R domain-name
    ssh-keygen -R server

    Thanks

  • Sue May 16, 2016 @ 23:22

    You saved me today. Thanks, it worked for me under a complicated situation. Thanks.

  • Noel Whitemore Dec 27, 2020 @ 18:16

    If your host uses a non-standard SSH port number then you might need to explicitly state the domain name and port number when using the ssh-keygen command, like this:

    ssh-keygen -R '[mydomain.com]:2222'

    On my machine, using

    ssh-keygen -R mydomain.com

    reported that the known_hosts file had been updated (i.e. it looks like it worked) but no changes had actually been made.

    • 🐧 Vivek Gite Dec 27, 2020 @ 19:40

      I see. Makes sense. Thank you for the feedback.

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre> for code samples. Problem posting comment? Email me @ webmaster@cyberciti.biz