I have got the well-known warning message when trying to ssh
into a server:
$ ssh whateverhost
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxx/xxxxxxx.
Please contact your system administrator.
Add correct host key in /home/user/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/user/.ssh/known_hosts:10
ECDSA host key for ipofmyhost has changed and you have requested strict checking.
Host key verification failed.
And I know why because I changed the ip of such server. But if it weren't so, how could I check the fingerprint for the ECDSA key sent by the remote host?
I have tried to do so by:
echo -n ipofthehost | sha256sum
But I don't get the same fingerprint. I also tried "hostname,ip" kind of like in AWS, but I didn't get any match.
If I delete the entrance from my known_hosts file and I try to ssh
again, it succeeds and tells the following:
ECDSA key fingerprint is SHA256:xxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxx/xxxxxxx.
Are you sure you want to continue connecting (yes/no)?
So to what is it applying the sha256sum to get the fingerprint and how I could check it?