Where Are Known SSH Host Keys Stored on Ubuntu?

When you connect to a remote server using SSH on Ubuntu Linux, your system saves the remote server’s public key to verify its identity in future connections. This article explains the exact location of these stored SSH host keys for both individual users and the system, and provides quick instructions on how to view or manage them.

The User-Specific Location

For individual users on Ubuntu, the known SSH host keys are stored in a file named known_hosts inside the user’s hidden SSH directory.

The absolute path to this file is: /home/username/.ssh/known_hosts

Or, using the tilde shortcut: ~/.ssh/known_hosts

Every time you connect to a new SSH server and accept the fingerprint prompt, the server’s public key is appended to this file.

The System-Wide Location

Ubuntu also has a system-wide file for known host keys. This file applies to all users on the system who have not explicitly overridden the keys in their personal files.

The system-wide host keys are stored at: /etc/ssh/ssh_known_hosts

How to View and Manage Known Host Keys

Viewing the File

You can view the contents of your user-specific known hosts file using the cat command in the terminal:

cat ~/.ssh/known_hosts

Because modern Ubuntu installations often hash hostnames for security, the file may look like a list of random characters.

Removing an Outdated Host Key

If a remote server’s IP address or key changes, you will receive a “Host key verification failed” warning. To safely remove the old key from your known_hosts file, use the ssh-keygen command followed by the remote hostname or IP address:

ssh-keygen -f "~/.ssh/known_hosts" -R "server-ip-or-domain"

This command automatically removes the problematic entry without requiring you to manually edit the file.