openssh-rust / openssh

Scriptable SSH through OpenSSH in Rust
Apache License 2.0

How to manage the .ssh/known_hosts file. #130

Closed baoyachi closed 1 year ago

baoyachi commented 1 year ago

When the sftp service is restarted, SSH authentication fails. The warning log says: WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!

The detail log:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
SHA256:4/usiLYoGeiUTd5NMxpS3Snm7gR5Vkudk4lnGR/5CS8.
Please contact your system administrator.
Add correct host key in /Users/baoyachi/.ssh/known_hosts to get rid of this message.
Offending ED25519 key in /Users/baoyachi/.ssh/known_hosts:32
Host key for [0.0.0.0]:2222 has changed and you have requested strict checking.
Host key verification failed.
Connection closed
Connection closed.

So, how should the ~/.ssh/known_hosts file be managed when sftp-server restarts and authentication fails?

NobodyXu commented 1 year ago

Well, did you re-install the remote server, or are you trying to connect to an ssh server inside a container? In that case, the remote host identification does change and it will get rejected by ssh. I would suggest using a temporary ssh known_hosts file, by using tempfile and SessionBuilder::user_known_hosts_file.

baoyachi commented 1 year ago

Yeah, I used docker to start sftp-server.

NobodyXu commented 1 year ago

> Yeah, I used docker to start sftp-server.

I recommend you use a tempfile as the ssh known_hosts file, as suggested in my previous comment.

baoyachi commented 1 year ago

Now I use the /dev/null path instead.

NobodyXu commented 1 year ago

> Now I use the /dev/null path instead.

Hmmm, does that work for you?

baoyachi commented 1 year ago

> Now I use the /dev/null path instead.
>
> Hmmm, does that work for you?

Yes.
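
An added example, not code from this thread or from the openssh crate, covering both the temporary known_hosts file NobodyXu suggests and the /dev/null workaround baoyachi settled on. Pointing ssh at /dev/null (or an empty temp file) means the client has nothing to compare the presented key against, so the connection only goes through once strict checking is relaxed, and from then on the container is never verified. The helpers below use only std: they drop the stale `[0.0.0.0]:2222` line from an existing file (what `ssh-keygen -R '[0.0.0.0]:2222'` does for unhashed entries), and write a per-process known_hosts file that pins the key you actually expect, so strict checking can stay on. The path that `write_session_known_hosts` returns is what you would pass to SessionBuilder::user_known_hosts_file; the builder call itself is not shown because the crate is not a dependency here. The base64 key strings, the host `example.org`, and the assumption that the container's host key is read out of band (for example from its ssh_host_ed25519_key.pub) are all constructed for this example.

```rust
// Added example, std only: manage a per-session known_hosts file for a container whose
// host key changes on every restart. Not the openssh crate's code.
use std::fs;
use std::io::Write;
use std::path::{Path, PathBuf};

/// Host pattern as OpenSSH writes it: bare host for port 22, "[host]:port" otherwise.
pub fn host_pattern(host: &str, port: u16) -> String {
    if port == 22 {
        host.to_string()
    } else {
        format!("[{host}]:{port}")
    }
}

/// Key type and base64 key recorded for host:port, if any.
/// Only plain entries are handled; hashed "|1|..." lines and "@" marker lines are skipped.
pub fn lookup(known_hosts: &str, host: &str, port: u16) -> Option<(String, String)> {
    let pattern = host_pattern(host, port);
    known_hosts.lines().find_map(|line| {
        let line = line.trim();
        if line.is_empty() || line.starts_with('#') || line.starts_with('@') {
            return None;
        }
        let mut fields = line.split_whitespace();
        let hosts = fields.next()?;
        let key_type = fields.next()?;
        let key = fields.next()?;
        if hosts.split(',').any(|h| h == pattern) {
            Some((key_type.to_string(), key.to_string()))
        } else {
            None
        }
    })
}

/// Remove every entry for host:port, mirroring `ssh-keygen -R` for unhashed lines.
/// Returns the new contents and the number of lines dropped.
pub fn remove_host(known_hosts: &str, host: &str, port: u16) -> (String, usize) {
    let pattern = host_pattern(host, port);
    let mut removed = 0;
    let mut kept = String::new();
    for line in known_hosts.lines() {
        let matches = !line.starts_with('#')
            && line
                .split_whitespace()
                .next()
                .map_or(false, |hosts| hosts.split(',').any(|h| h == pattern));
        if matches {
            removed += 1;
        } else {
            kept.push_str(line);
            kept.push('\n');
        }
    }
    (kept, removed)
}

/// Write a fresh known_hosts file for this process holding only the keys we expect
/// (obtained out of band; assumption for this example). Pinning the key keeps strict
/// host key checking meaningful, which an empty file or /dev/null cannot.
pub fn write_session_known_hosts(
    dir: &Path,
    entries: &[(&str, u16, &str, &str)],
) -> std::io::Result<PathBuf> {
    let path = dir.join(format!("known_hosts.{}", std::process::id()));
    let mut f = fs::File::create(&path)?;
    for (host, port, key_type, key) in entries {
        writeln!(f, "{} {} {}", host_pattern(host, *port), key_type, key)?;
    }
    Ok(path)
}

fn main() -> std::io::Result<()> {
    // Constructed sample: the stale entry from the issue plus an unrelated host.
    // The key strings are placeholders, not real ed25519 public keys.
    let stale = "[0.0.0.0]:2222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOldKeyPlaceholder\n\
                 example.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIUnrelatedPlaceholder\n";
    let (cleaned, n) = remove_host(stale, "0.0.0.0", 2222);
    println!("removed {n} stale line(s); remaining:\n{cleaned}");

    // Placeholder for the restarted container's key, read out of band in real use.
    let new_key = "AAAAC3NzaC1lZDI1NTE5AAAAINewKeyPlaceholder";
    let path = write_session_known_hosts(
        &std::env::temp_dir(),
        &[("0.0.0.0", 2222, "ssh-ed25519", new_key)],
    )?;
    println!("session known_hosts at {}", path.display());
    // Hand `path` to SessionBuilder::user_known_hosts_file(...) at this point.
    fs::remove_file(path)
}
```

If the key genuinely cannot be obtained ahead of time, an empty per-session file plus accept-new behaviour at least pins the key for the rest of that process, which is the property /dev/null gives up entirely.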