Antwort: [suse-security] SSH - changed finger print
Perhaps the Putty-File is destroyed. You can find it in the putty-dir with
the extension "REG". Try to restore this file and then to reconnect.
Mit freundlichen Grüßen
Joachim Winter
Malberg EDV-Systemberatung GmbH
Humboldtstrasse 18
04105 Leipzig
Tel.: 0341 / 986 - 2860
Fax: 0341 / 986 - 2879
www.malberg-edv.de
|---------+----------------------------------->
| | Dominik Sk?adanowski |
| |
------------------------------------------------------------------------------------------------------------------------------|
|
|
| An: SuSE-Security
------------------------------------------------------------------------------------------------------------------------------| Hello list, today during login to server by ssh, I've noticed that fingerprint of my key server has changed. I comapred keys with previous backups - keys are the same. It is strange, different fingerprint warning I get when I use PuTTY on my W2k workstation. When I try to login from my SuSE workstation I didn't get any warning. I use SuSE 8.2 Pro and latest patches to OpenSSH I have installed. -- ++++++++++++++++++++++++++++++++++++++++++ Dominik Sk?adanowski e-mail: dominik.skladanowski@ch.pw.edu.pl ++++++++++++++++++++++++++++++++++++++++++ -- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Hi, Joachim.Winter@malberg-edv.de schrieb:
Perhaps the Putty-File is destroyed. You can find it in the putty-dir with the extension "REG". Try to restore this file and then to reconnect.
in this case you should definitely make sure, that the fingerprint is o.k. - otherwise you might be running into a man-in-the-middle attack. You should make sure, that you're using the same protocol (version 2, DSA / RSA) as on the other machine. If you're using a different method here, this might be the cause for the difference. Try to force putty to use Version 2 and DSA on both windows clients. They should present the same fingerprints then. You can also compare the fingerprint to the one that is presented when connecting from the ssh server to localhost (StrictHostKeyChecking in ssh_config has to be set to "ask"). Don't just ignore this warning. Regards, K.
Hello list,
today during login to server by ssh, I've noticed that fingerprint of my key server has changed. I comapred keys with previous backups - keys are the same.
It is strange, different fingerprint warning I get when I use PuTTY on my W2k workstation. When I try to login from my SuSE workstation I didn't get any warning.
I use SuSE 8.2 Pro and latest patches to OpenSSH I have installed.
-- Dipl.-Ing.(FH) Klaus J. Mueller http://internet-sicherheit.net
participants (2)
-
Joachim.Winter@malberg-edv.de
-
Klaus J. Mueller