Change Host Keys Used by SSH Connections

Host keys used by SSH connections have been changed from DSA to RSA. Automatic file transfer set-up dependent on remote host keys are now likely to break and users may encounter error messages. Manually change these keys by following the following instructions for either Unix or Windows.

Unix host key change instructions

  1. Run this command, replacing HOSTNAME with the name of the host you are connecting to: 
    ssh-keygen -R HOSTNAME
    This will remove the old key entry for HOSTNAME from your ${HOME}/.ssh/known_hosts file.
  2. Add the new key to your known hosts with the command: 
    ssh HOSTNAME
  3. You should be prompted to add the key to your known_hosts file, as shown below. Save the new key by typing: 
    yes
    Prompt will be: ssh ‘HOSTNAME’. The authenticity of host 'HOSTNAME (XXX.XXX.XXX.XXX)' can't be established. RSA key fingerprint is XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX. Are you sure you want to continue connecting (yes/no)?
  4. Your host key will now be up to date.

Windows host key change instructions

Windows users need to add the RSA key to the cache and/or accept and save the host key change.

Depending on your client you may need to click either Accept and Save or Yes, as shown in the images below:

Bitvise

Bitvise click Accept and Save

Putty

Putty click Yes

SSH Secure Shell

SSH Secure Shell click Yes

Having Issues?

If you encounter issues, please send an email to trouble@colorado.edu or call x26096 and a member of the Systems Engineering team will work with you to resolve the problem.