Mac – How to fix warning about ECDSA host key


We have this seen this happen more than a few times with our Mac customers using their built-in SSH CLI client utility.

This is a client-side issue, and is generated when your client connects to different servers using the same AWS IP address.

For example, say you deploy aMiSTACX for Magento with EIP Address: 32. 32. 1. 5, and connect via SSH for the first time.

You will cache a fingerprint to the local Mac SSH client.

Then you decide to switch the AWS EIP to another server, and establish another SSH connection.

Note: WinSCP users you get a simple Yes/No warning about the fingerprint.

For Macs with a certain security setting [Strict SSH Checking], you will need to clear the fingerprint from the previous connection.

Remove the cached key for the IP address on the local machine as follows:

ssh-keygen -R {AWS IP ADDRESS}

e.g., ssh-keygen -R

and then just try the connection again:

ssh -i path/to/AWSAccessKey.pem ubuntu@


ssh -i “AWSAccessKey.pem” ubuntu@

Should be success? What can I say – it’s a Mac.