SSH Host Key Verification on Ubuntu Linux

Secure Shell (SSH) relies on host key verification to establish a secure, trusted connection between a client and an Ubuntu Linux server. This article explains how the host key verification process works, how SSH prevents man-in-the-middle (MitM) attacks using cryptographic fingerprints, where these keys are stored, and how to handle key mismatch warnings.

The Role of Host Keys

When you connect to an Ubuntu server via SSH, the server must prove its identity to your client computer. It does this using a unique cryptographic key pair (a public key and a private key) generated during the installation of the SSH server. The public portion of this key pair is known as the “host key.” Host key verification ensures that you are connecting to the actual server you intended to reach, rather than an impostor intercepting your traffic.

Trust on First Use (TOFU)

The first time you connect to an Ubuntu server using SSH, your client does not yet have a record of the server’s host key. SSH handles this using a model called “Trust on First Use” (TOFU):

1. Key Presentation: The Ubuntu server sends its public host key to your SSH client.
2. The Prompt: The client displays a cryptographic fingerprint of the host key and asks: “Are you sure you want to continue connecting (yes/no)?”
3. Acceptance: If you type “yes”, the client trusts the key and appends it to a local storage file on your machine, typically located at ~/.ssh/known_hosts.

Ideally, you should verify this fingerprint against the server’s actual fingerprint (which can be retrieved locally on the server using ssh-keygen -lf /etc/ssh/ssh_host_ecdsa_key.pub) before accepting it.

Subsequent Connections

On all future connection attempts, the process is fully automated.

1. Your SSH client requests the host key from the Ubuntu server.
2. The client searches your local ~/.ssh/known_hosts file for an entry matching the server’s IP address or domain name.
3. If the host key sent by the server matches the key saved in your known_hosts file, the identity of the server is verified, and the SSH session proceeds to the user authentication phase (password or SSH key).

Handling Host Key Changes

If the host key presented by the Ubuntu server does not match the key stored in your known_hosts file, SSH will terminate the connection immediately. You will see a highly visible warning:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

This discrepancy occurs for one of three reasons:

• Server Reinstallation: The Ubuntu OS was reinstalled, which generated brand-new host keys.
• IP/Domain Reassignment: The IP address or domain name you are connecting to has been reassigned to a different server.
• Man-in-the-Middle Attack: An attacker is actively attempting to intercept your connection.

If you know the change is legitimate (such as after a server reinstall), you must remove the old, outdated key from your client’s database before SSH will allow you to connect again. You can quickly remove the old key using the following command on your client machine:

ssh-keygen -R [server_ip_or_hostname]

Once the old key is removed, your next connection attempt will trigger the “Trust on First Use” prompt again, allowing you to save the new host key.