I have two ways of accessing my remote host ssh server:
using its local IP addres
using its public IP address
Yesterday, I reinstalled my SSH server on the remote host and I updated my known hosts file for the local IP address. I am now off of my local network and trying to connect to my server using its public IP address and I realized I forgot to update my known hosts file after reinstalling the SSH service. This is giving me the common error below.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
MD5:FINGERPRINT.
Please contact your system administrator.
Add correct host key in /Users/user/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /Users/user/.ssh/known_hosts:25
ECDSA host key for [PUBLIC IP]:PORT has changed and you have requested strict checking.
Host key verification failed.
I'm 99% sure this is because I changed the SSH server, however, if I wanted to double check and verify, how would I do this?
My question is
How can I verify the new fingerprint of the remote host against the fingerprint saved for the local IP address of the server?
What I've Done
I ran the following command: ssh-keygen -lv -f ~/.ssh/known_hosts and found the SHA256 fingerprint saved for the local ip address of my server.
I compared this to the SHA256 fingerprint being sent to me from my remote host, and they appear to be identical.
How can I be 100% sure? Did I do this properly?
