Technology Tales

Adventures in consumer and enterprise technology

TOPIC: SSH-KEYGEN

Remedying a warning about an ECDSA host key

25th August 2024

During some website maintenance that I have been doing using my iMac, I encountered a message like the following at one point:

Warning: the ECDSA host key for '<server name>' differs from the key for the IP address '<server IP address>'

The cause was a rebuild of one of my web servers and changes to SSH keys that it caused. The solution in my case was to issue a command like the following:

ssh-keygen -R <server IP address>

That felt neater than editing ~/.ssh/known_hosts to remove the affected key. If the command does not remedy things for you, then editing the file should help. That, after all, is what the rest of the warning message suggested to me. My qualms about messing with files made me go with the command, and that got things sorted. There had been some use of ssh-copy-id too, which might be information that is worth having to hand.

Automated entry of SSH passwords

17th February 2022

A useful feature for shell scripting is automatic password entry when logging into other servers. This often involves plain text files, which are not secure. Fortunately, I found an alternative. The first step is to use the keygen tool included with SSH. The command is shown below. The -t switch defines the key type, RSA in this example. You can add a passphrase, but I chose not to for convenience. You should evaluate your security requirements before implementing this approach.

ssh-keygen -t rsa

The next step is to use the ssh-copy-id command to generate the keys for a set of login credentials. For this, it is better to use a user account with restricted access to keep as much server security as you can. Otherwise, the process is as simple as executing a command like the following and entering the password at the prompt for doing so.

ssh-copy-id [user ID]@[server address]

Getting this set up has been useful for running a file upload script to keep a web server synchronised, and it is better to have the credentials encrypted rather than kept in a plain text file.

  • The content, images, and materials on this website are protected by copyright law and may not be reproduced, distributed, transmitted, displayed, or published in any form without the prior written permission of the copyright holder. All trademarks, logos, and brand names mentioned on this website are the property of their respective owners. Unauthorised use or duplication of these materials may violate copyright, trademark and other applicable laws, and could result in criminal or civil penalties.

  • All comments on this website are moderated and should contribute meaningfully to the discussion. We welcome diverse viewpoints expressed respectfully, but reserve the right to remove any comments containing hate speech, profanity, personal attacks, spam, promotional content or other inappropriate material without notice. Please note that comment moderation may take up to 24 hours, and that repeatedly violating these guidelines may result in being banned from future participation.

  • By submitting a comment, you grant us the right to publish and edit it as needed, whilst retaining your ownership of the content. Your email address will never be published or shared, though it is required for moderation purposes.

Copyright © 2007-2025, TechnologyTales.com