Host key verification failed. 主机验证失败解决办法

[Inchill]

执行 git pull 提示如下错误： @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the ED25519 key sent by the remote host is SHA256:HvkOXIaIyXi9ULkuGKWd8V7sR8HmrJ9EN1ht0QfMGRU. Please contact your system administrator. Add correct host key in /Users/xxx/.ssh/known_hosts to get rid of this message. Offending ECDSA key in /Users/xxx/.ssh/known_hosts:15 Host key for gitlab.xxx.cn has changed and you have requested strict checking. Host key verification failed. fatal: Could not read from remote repository.

Please make sure you have the correct access rights and the repository exists.

错误关键信息是 Host key verification failed. 主机验证失败。

查阅了网络资料，这关乎 ssh 协议的一个安全机制。通过 ssh 连接到计算机时，会缓存计算机的公钥，等到第二次连接上这台计算机时，会验证这台计算机和之前缓存的公钥是否匹配。如果公钥不同，ssh会发出警告或者直接拒绝连接。这样可以避免你受到 DNS Hijack 之类的攻击。

因为先前公司 gitlab 服务器迁移，服务器重启过，所以会出现这个问题。

解决方式很简单，hosts 文件出问题了，需要删除掉之前的缓存，最简单的就是 cd 进入 .ssh 目录，删除 known_hosts 以及 known_hosts.old。