[Bug 625552] New: openssh: inprove recommendation in "REMOTE HOST IDENTIFICATION HAS CHANGED" message
http://bugzilla.novell.com/show_bug.cgi?id=625552 http://bugzilla.novell.com/show_bug.cgi?id=625552#c0 Summary: openssh: inprove recommendation in "REMOTE HOST IDENTIFICATION HAS CHANGED" message Classification: openSUSE Product: openSUSE 11.3 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Minor Priority: P5 - None Component: Basesystem AssignedTo: anicka@novell.com ReportedBy: sbrabec@novell.com QAContact: qa@suse.de Found By: --- Blocker: --- When remote host identification changes, following message appears: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is ................ Please contact your system administrator. Add correct host key in /home/sbrabec/.ssh/known_hosts to get rid of this message. Offending key in /home/sbrabec/.ssh/known_hosts:1 RSA host key for ben has changed and you have requested strict checking. Host key verification failed. Following the message and opened known_hosts file, I found just an ASCII noise. Well, I tried to delete line 1 (guessing from the error message) and got this message: The authenticity of host 'foo (...)' can't be established. RSA key fingerprint is ............ Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'foo' (RSA) to the list of known hosts. Warning: the RSA host key for foo' differs from the key for the IP address '...' Offending key for IP in /home/sbrabec/.ssh/known_hosts:1 Are you sure you want to continue connecting (yes/no)? yes It would be nice to change the messsage and offer ssh-keygen -R or so. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=625552 http://bugzilla.novell.com/show_bug.cgi?id=625552#c Anna Bernathova <anicka@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P4 - Low Status|NEW |ASSIGNED -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=625552 http://bugzilla.novell.com/show_bug.cgi?id=625552#c1 Anna Bernathova <anicka@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO InfoProvider| |sbrabec@novell.com --- Comment #1 from Anna Bernathova <anicka@novell.com> 2010-07-27 13:42:08 UTC --- I am not sure about appropriate fix.Maybe change the line to Offending key in /home/sbrabec/.ssh/known_hosts:1 (ssh-keygen can be used to remove it) ? But is not it better to leave it unchanged, when the program reports correct line so you can do it manually easily? What do you think? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=625552 http://bugzilla.novell.com/show_bug.cgi?id=625552#c2 Stanislav Brabec <sbrabec@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED InfoProvider|sbrabec@novell.com | --- Comment #2 from Stanislav Brabec <sbrabec@novell.com> 2010-07-27 16:03:36 CEST --- Yes, it would be nice to propose ssh-keygen command that will remove both lines that block or complicate access to the server. (Ideally on a separate line, so one could have just copy line and paste.) -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=625552 https://bugzilla.novell.com/show_bug.cgi?id=625552#c3 Bruno Friedmann <bruno@ioda-net.ch> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bruno@ioda-net.ch --- Comment #3 from Bruno Friedmann <bruno@ioda-net.ch> 2010-08-19 17:48:26 UTC --- Approve totally the Stanislav proposal. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=625552 https://bugzilla.novell.com/show_bug.cgi?id=625552#c4 --- Comment #4 from Anna Bernathova <anicka@novell.com> 2010-08-20 07:36:31 UTC --- *** Bug 632713 has been marked as a duplicate of this bug. *** http://bugzilla.novell.com/show_bug.cgi?id=632713 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=625552 https://bugzilla.novell.com/show_bug.cgi?id=625552#c5 Anna Bernathova <anicka@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED --- Comment #5 from Anna Bernathova <anicka@novell.com> 2010-10-05 13:54:06 UTC --- Fixed for factory. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=625552 SMASH SMASH <smash_bz@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|maint:planned:update | -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com