Jetson Nano Orin, stuck with SSH

For the new Jetson Nano Orin that I recently got, I burned the SSD with the latest image. The board is booting up. With an additional monitor/keyboard/Mouse, I am able to login to the the Linux environment. Board is connected to my WiFi and everything seems normal. I am trying to SSH from my Macbook to Jetson via USB cable/port. But I am getting this very strange long message.

Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
Please contact your system administrator.
Add correct host key in /Users/navidkhajouei/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /Users/navidkhajouei/.ssh/known_hosts:3
Host key for has changed and you have requested strict checking.
Host key verification failed.

Any suggestions how to resolve?

Please execute the command and try to login again:

$ ssh-keygen -f /Users/navidkhajouei/.ssh/known_hosts -R

I will give this a try tomorrow when I am back in office. Meanwhile I realized something. My username on Jetson is “navid” and the command i entered on my Macbook:

SSH navid@

The message below is strange because “navidkhajouei” is actually my MacBook (host laptop) user name:

Offending ECDSA key in /Users/navidkhajouei/.ssh/known_hosts:3

So I am confused what it’s talking about.

If you ssh to any host it remembers some of the details. If any detail changes, you are alerted with this. Some examples:

  • If you use a named address, and the DNS resolves to a new or different dotted-decimal address, then you get a warning.
  • The host itself has a key. This key is randomly generated most of the time during install or first boot. If that key changes, then you are alerted. An example of a change (depending on how it is done) you might see is if you (A) reinstall or flash again, or (B) replace a major system component (sometimes).
  • If you’ve used a dotted-decimal address in the past, or a named address, but switch which one you use, then you will get a warning (in one case it might be a change warning, but in another case it might be considered a “new” connection).

It is quite common to get such a warning if you re-flash a system. One thing I do prior to flashing, if the system has been used on a network before, is to copy some of the original content into the “Linux_for_Tegra/rootfs/” content. Examples would be:

  • Any ssh keys or setup for the host.
  • Any user accounts I plan to use, including home directory. This indirectly implies saving the “~/.ssh/” content.
  • Any “/etc/hosts” aliases.

Note that I do the above even when I don’t clone. A good reason for this instead of cloning is the case of upgrading from one release to another when you cannot use a clone.

1 Like

Thanks so much. This worked for me.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.