Originally posted by: SystemAdmin

I installed the openssh 4.3-p1 last April on this AIX 5.3 box, with ssh-keygen, I created a id_rsa key pair and passed on to other RHEL3 and it worked since. Now i have another AIX 5.3L box, I tried to ssh-keygen a id_dsa pair and passed on this new box, but it kept rejecting the SCP or ssh with message:
".. Remote Host Identification has changed
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
8f:78:8c:f3:59:08:65:56:4f:06:cb:ad:30:86:a8:49.
Please contact your system administrator.
Add correct host key in /.ssh/known_hosts to get rid of this message.
Offending key in /.ssh/known_hosts:3
RSA host key for 10.10.1.30 has changed and you have requested strict checking.
Host key verification failed."
How do i make the ssh work on second AIX box?
Can I create another id_rsa key pair or just pass the old id_rsa.pub to new AIX ? (tried it, did not work)
On the new AIX, I had installed the openssh (4.3-p2) and ssh-keygen a dsa pair, passed on to the first one and the ssh / scp /synch all work.
Does anyone know a openssh discussion forum ?
#AIX-Forum

Originally posted by: SystemAdmin

Not sure of a good discussion forum but the problem here does not sound like it is the keys. The ~/.ssh/known_hosts file lists IP address' or hostnames of servers you ahve connected to via ssh in the past. If you then regenerate the remote host key or reuse an IP or hostname then the key stored int he known_hosts file does not match.

In this case the key presented by 10.10.1.30 does not match the one in your known_hosts. If you are sure it is the correct system then look in the known_hosts file for an entry that starts with that IP and delete it. The next time you connect the new key will be added to the known_hosts and your key pair should work.

Thanks,

Sam
#AIX-Forum

Originally posted by: SystemAdmin

Thanks. Folowwed your suggestion, it works now.
#AIX-Forum