WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!

Hi @stereoscience, maybe you reinstalled Vagrant and Homestead and you need to update your hosts related with your ssh access on your Virtual Machine.

The step that I made:

1. Rename your /Users/Username/.ssh/known_hosts file to bk_known_hosts, and delete the old file. This old file contains your ssh keyed connection within your host.
2. Try connecting newly.

Hope it helps you.

I'll give it a shot after lunch and let you know if it works. Thanks for the quick response.

Yep, what @codeatbusiness says. This is protection against man-in-the-middle attacks. You're likely using the same hostname or IP address for a new VM/server, which confuses SSH.

Delete your known_hosts file found at ~/.ssh/known_hosts on your local computer (where you're connection FROM).

Deleting known_hosts is fine, in general.

More information on known_hosts: http://security.stackexchange.com/questions/20706/what-is-the-difference-between-authorized-key-and-known-host-file-for-ssh

(Might make for a good addendum to the SFH book :D )

Thanks @fideloper, It works for me too. Thanks for verify that you can delete the known_hosts file securely, it is the cause that I told to @stereoscience that make before a backup of that file :)

Ok. I deleted the file like you said and now when I ssh it says 'The authenticity of host '[127.0.0.1]:2222 ([127.0.0.1]:2222)' can't be established'. Should I say yes and connect anyway?

The first time, you will always need to click yes

Thanks bashy. I wish you could all be awarded with the answer, but a thumbs up will have to do.

Ah it's fine, here to help :)

Why isn't this in the documentation? I just encountered the same error and scared the crap out of me :(

In all honesty, you should take note of the warning since it could well happen. If it's a local VM however, it's not going to be an attack. I agree it does worry you at the start but that's a good thing. People then research what it is and find out how to manage and secure their servers better.

It's all a learning curve that isn't that hard but just try to understand why it's there in the first place.

It's a Homestead set up on my Mac, following the instructions on the Laravel website. So that's local. I hope! :)

Yes it's all a learning curve. But there's a limit to what one can and should have to learn. If you're managing servers, you need to know about them a lot. But if you're a web developer, there's already too much to learn on front-end and backend development.

The whole point of Homestead is that it's supposed to be better and easier then Mamp, Wamp, etc. It is, in certain ways, but the documentation is still lacking in my opinion.

Sure, but learning programming isn't just the code itself but also what software it's running on. PHP has a lot of settings and configuration stuff that everybody using PHP should learn.

SSH auth, keys and security of them is something you should know. There's very little to learn but once you know you'll be able to fix those errors like it's second nature.

As a PHP developer in the real world, I use the command line a lot which involves SSH and the security of it involved within the company.

Well, depending on the situation (mostly the kind of projects or the environment one works in) developers need to know some things. But even then it shouldn't have to be more difficult than it is to find the info needed. It's just a huge waste of energy and time if hundreds or many thousands of developers encounter the same problem again and again and spend many hours reading through confusing forum posts or blogs, while it would have taken 15 minutes to write something down in the documentation in the first place. I know it's maybe a developer/geek thing to enjoy doing things 'the hard way', but that's not for everybody :)

I disagree about it being in the documentation. You can search Google and find countless information about it. Here is a website I use a lot for Linux and is the first result when searching Google.

http://www.cyberciti.biz/faq/warning-remote-host-identification-has-changed-error-and-solution

Tell me that doesn't solve your issue? I've learnt all I have by searching, doesn't take that long. Documentation could have it in but how far should it go?

Well that's exactly what I mean: that link you provide might be a solution for -you-, but not for me. First, all those Linux commands given there are abracadabra for me. Running commands without knowing the potential risks is dangerous. Second, the article starts by saying "If you have reinstalled Linux or UNIX with OpenSSH". Well, I have not. So I don't know if what follows applies to my situation. Third, there are three solutions given, so I don't know which one to pick (ok minor point).

And again, why would I need to do a search and trying to figure out a solution by reading many articles, forum posts, judging how good they are, etc, when 5 lines in the primary documentation would be enough? Why should it be more difficult than needed?

It's just assumed everybody is a Linux guru. Well most PHP developers are not.

Okay, openssh is used in OS X/Linux. You didn't install it because it's default (normally). There's three ways because there's more than one way to solve it.

Sure, not all developers know basic Linux/Unix stuff but it's something that can't be explained in every documentation. If you read the error message, it explains what could be wrong. I haven't learnt what I know by getting it given to me. It's very hard to do that.

Well let's just agree to disagree. Sure, searching for solutions to problems is part of the job. And of course you can't write down everything in the documentation. But installing and -updating- Homestead are the most basic/first things that should be written down in the docs. The whole point being promoted about Homestead is that it's so easy. Expecting people to Google and find/trust/understand a Linux blog post from 2006 ... I don't know.

Yes, Homestead is highly under documented, I can agree on that.

There's always help commands

man ssh

And you can always find out what commands do with this

ssh-keygen --help

Read down the options and find "-R"

-R hostname Remove host from known_hosts file.

Ah, that's good to know. I'll write them down in my notes.

At least we have a Laracasts forum with people like you helping others :)

Hi Guys,

So just updated to Homestead 0.3.3 (https://atlas.hashicorp.com/laravel/boxes/homestead/versions/0.3.3) now I am getting the same issue as this, even after deleting the known_hosts file!

You probably want avoid deleting known hosts file. The error tells you the file and line number /Users/USERNAME/.ssh/known_hosts:2 to fix you can do vi /Users/USERNAME/.ssh/known_hosts +2 to open at second line then do dd to delete the line then :wq to save then try ssh again

@D9705996 Thanks for that - I've fixed it now.

In case anyone else stumbles on to the thread with the same problem, I forgot the obvious that if you have Git installed, then the .ssh folder is overridden to something like Programs/Git/.ssh

Thanks,

Whats the best way to work with this if we have 3 homestead boxes on the same PC - I'd rather not delete this everytime I switch between boxes. I tried setting a different IP for the box (the 192.168.10.10 one) but it seems the ssh vagrant@IP -p 2222 only works with 127.0.0.1

Update: In my homestead.yaml file, I changed the IP on my second homestead box from 192.168.10.10 to 192.168.10.11.

I wasn't able to ssh vagrant@192.168.10.11 -p 2222

I WAS able to ssh vagrant@192.168.10.11

The first time I did this it prompted me with the RSA key fingerprint and asked if I wanted to continue. Now I'm in. I suspect this will be an easier way of bouncing between boxes.