我的情况下，我只得到ssh警告时使用Gridengine qrsh远程shell登录。然而，正常的ssh会像预期的那样工作(第一次发出警告，然后在随后的时间里保持安静)。

我的解决方案是手动填充~/。ssh/known_hosts与Gridengine可以选择的所有可能的服务器名称(使用qhost列出服务器):

for p in server1 server2 server3 server4; do
  ssh-keyscan -H ${p}.company.com;
  ssh-keyscan -H $(getent hosts $p | perl -lane 'print $F[0]');
done >> ~/.ssh/known_hosts

背景:

Gridengine is a job scheduler which can use ssh to select the least loaded server. The reason for the warning is that qrsh seem to always specify a non-standard port for doing the ssh connection, causing known_hosts to be updated with an entry also containing a port number. Next time when qrsh selects the same server there would be a new port-number and known_hosts would get updated with a new port-specific entry. The reason for also adding the raw host IP address is that some hosts used ecdsa-sha2-nistp521. If a raw IP entry is not added I would get the warning:

ECDSA host key for IP address '10.1.2.3' not in list of known hosts.

这主要意味着该主机的键发生了变化~/。ssh/known_hosts，它不会自动更新它。因此，每当您收到此警告消息时。

这种情况经常发生在连接到重新创建的虚拟机时，它会使用相同的IP地址更改密钥

解决方案

如果只有一个条目，那么可以删除~/。Ssh /known_hosts文件，并且在第一次连接之后，密钥将在那里，之后没有警告消息。

如果有多个条目，则可以使用下面的命令删除

$ ssh-keygen -R <hostname>

这对我来说很有效

我的情况下，我只得到ssh警告时使用Gridengine qrsh远程shell登录。然而，正常的ssh会像预期的那样工作(第一次发出警告，然后在随后的时间里保持安静)。

我的解决方案是手动填充~/。ssh/known_hosts与Gridengine可以选择的所有可能的服务器名称(使用qhost列出服务器):

for p in server1 server2 server3 server4; do
  ssh-keyscan -H ${p}.company.com;
  ssh-keyscan -H $(getent hosts $p | perl -lane 'print $F[0]');
done >> ~/.ssh/known_hosts

背景:

Gridengine is a job scheduler which can use ssh to select the least loaded server. The reason for the warning is that qrsh seem to always specify a non-standard port for doing the ssh connection, causing known_hosts to be updated with an entry also containing a port number. Next time when qrsh selects the same server there would be a new port-number and known_hosts would get updated with a new port-specific entry. The reason for also adding the raw host IP address is that some hosts used ecdsa-sha2-nistp521. If a raw IP entry is not added I would get the warning:

ECDSA host key for IP address '10.1.2.3' not in list of known hosts.

当我开始使用Windows电脑时，我也遇到了同样的问题。在我的例子中，这是因为我的SSH设置没有完成。Github有一个关于SSH设置的非常精确的文档。一旦解决了这个问题，问题就解决了。

https://help.github.com/articles/checking-for-existing-ssh-keys/ https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/

添加ssh密钥

ssh-keygen -t rsa -b 4096 -C "abc@abc.com"

eval "$(ssh-agent -s)"

ssh-add ~/.ssh/bitbucket_rsa

机箱配置文件

crate ~/.ssh/config

加到下面一行。

UserKnownHostsFile ~/.ssh/known_hosts

然后添加pub密钥和克隆您的存储库…做……

该消息来自SSH，它警告您正在连接到一个您以前从未连接过的主机。我不建议关闭它，因为这意味着您可能会错过关于主机密钥更改的警告，这可能表明SSH会话受到MITM攻击。