Issue
I am trying to SSH into my EC2 instances of my ElasticBeanstalk environment. I could SSH into the instance. Then I terminated the instance and pinned up the new instance. Then it broke when I tried to SSH again. This I what I have done so far.
I created an SSH KeyPair in the AWS console named MyanEatSSH.
Then I set up the SSH running the following command.
eb ssh --setup
I selected the Key name I created.
Then I downloaded the key and put it under ~/.ssh/ folder.
I could ssh into the EC2 machine running the following command.
eb ssh
It was working as expected. The problem began when I deleted the instance in the EC2 console. I deleted an EC2 instance. Then, the Beanstalk spin up the new instance since it has the health check and Auto Scaling capability.
Then I ssh again into the new instance. This time, I got the following error.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:enloOGgT3a/TLEoeibCGEbAmDogbpqHZWdy8qP5WyEE.
Please contact your system administrator.
Add correct host key in /Users/wai/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /Users/wai/.ssh/known_hosts:35
ECDSA host key for {ip} has changed and you have requested strict checking.
Host key verification failed.
As an attempt to fix it, I tried setting up the SSH running this command again,
eb ssh --setup
It still does not work. I tried to create a new SSH Key and tried setting it up again. It does not work too. It is throwing the same error. What is wrong and how can I fix it?
Solution
When you reinstall the server or associate elastic IP with new launch server of previous instance its identity changes, and you'll start to get this message. Simply remove the key from known_hosts by deleting the relevant entry
ssh-keygen -R <IP>
Answered By - Adiii