Fix FreeRDP “remote host identification has changed”

When connecting to multiple Windows PCs using SSH port forwarding, you might get error:

The host key for localhost has changed
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.

While you must consider the security implications of this option for yourself, you can include the

/cert-ignore

option in the freerdp command to bypass this error message.

Since the SSH server and RDP are both on the same Windows PC, the man-in-the-middle check may be somewhat less likely to be needed.

Example

Remote PC IP Remote PC SSH port Remote PC RDP port
1.2.3.4 22 (open TCP firewall) 3389 (blocked by remote PC firewall)
#!/bin/sh
ssh -f -p 22 -L 3391:localhost:3389 [email protected] sleep 1;
xfreerdp /cert-ignore /u:joe /v:localhost:3391

Tags:

Categories:

Updated:

Leave a Comment