我司V5交换机&路由器作为SSH Client登陆SSH Server后,会在本地配置中保存远端主机公钥。后续登录时可能提示如下报错信息。(通常服务器端做了密钥更新后会出现该情况)
The server's hostkey does
not match the one local cached.This means that either the server
administrator has changed the host key, or you actually connected to another
computer pretending to the server. If you want to login it, remove the local
cached key first please!
错误方法1:使用命令public-key local destroy rsa销毁本地密钥无法解决
错误方法2:不建议完全按照KMS案例“S3600系列交换机清除原有SFTP密钥的解决方法 “中的通过进入bootrom删除Flash中的hostkey文件解决。客户业务不能中断,太过暴力。
正确的解决方法:KMS案例”交换机作为SSH Client无法删除远端主机公钥”
通过undo public-key peer keyname命令删除,但是直接删则会提示该公钥正在被使用,无法删除:
[S58IRF]undo public-key peer 12.1.1.1
Warning: Do you really want to remove the public key named 12.1.1.1? [Y/N]:y
The peer public key "12.1.1.1" is being used, can't delete it.
注意:此时可能会有人建议你,reset session或reset tcp后再去删,结果也是无效的。
如果要删除这个公钥配置,需要先通过undo ssh client authentication server命令用来取消在客户端上指定要连接的服务器端的主机公钥。
[S58IRF]undo ssh client authentication server 12.1.1.1 assign publickey
[S58IRF]undo public-key peer 12.1.1.1
Warning: Do you really want to remove the public key named 12.1.1.1? [Y/N]:y
✖
案例意见反馈
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作