Two pc's (9.0), access one way only
Two 9.0 pc's. Both ping each other. Ssh a to b - ok. Ssh b to a - No. B reports the following: ssh a @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is 6d:b9:6d:9c:5d:34:41:eb:be:b5:27:70:31:07:88:4d. Please contact your system administrator. Add correct host key in /home/john/.ssh/known_hosts to get rid of this message. Offending key in /home/john/.ssh/known_hosts:3 RSA host key for a has changed and you have requested strict checking. Host key verification failed. Right now I just want to be able to get and keep the two talking to each other, so anything that will do that. Security not an issue in the house AFAICT. Thanks for any help ellie@wam.umd.edu
Do what the message says! I change the name of the 'known_hosts' file to say 'known_hosts.old' & let the RSA keys get re-generated when I re-connect for the 1st time. Regards, Des Aubery... (adTherm Technology - www.adtherm.com - des@adtherm.com) On Monday 12 April 2004 10:48, ellie philippen wrote:
Two 9.0 pc's. Both ping each other. Ssh a to b - ok. Ssh b to a - No. B reports the following:
ssh a @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is 6d:b9:6d:9c:5d:34:41:eb:be:b5:27:70:31:07:88:4d. Please contact your system administrator. Add correct host key in /home/john/.ssh/known_hosts to get rid of this message. Offending key in /home/john/.ssh/known_hosts:3 RSA host key for a has changed and you have requested strict checking. Host key verification failed.
Right now I just want to be able to get and keep the two talking to each other, so anything that will do that. Security not an issue in the house AFAICT.
Thanks for any help ellie@wam.umd.edu
des said:
Do what the message says!
I change the name of the 'known_hosts' file to say 'known_hosts.old' & let the RSA keys get re-generated when I re-connect for the 1st time.
Or just find the key for that specific machine in ~/.ssh/known_hosts and delete it. I have many keys in my known_hosts file, I wouldn't want to rebuild the whole thing, just for one changed key. -- Neil Schneider pacneil_at_linuxgeek_dot_net http://www.paccomp.com Key fingerprint = 67F0 E493 FCC0 0A8C 769B 8209 32D7 1DB1 8460 C47D Fires can't be made with dead embers, nor can enthusiasm be stirred by spiritless men. Enthusiasm in our daily work lightens effort and turns even labor into pleasant tasks. --James Baldwin
On Monday 12 April 2004 05:48, ellie philippen wrote:
Two 9.0 pc's. Both ping each other. Ssh a to b - ok. Ssh b to a - No. B reports the following:
ssh a @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
It means something has changed so that the IP isn't linked to the same identification on the machine that you can't ssh to. Suppose you reinstalled, replaced the network card or something. On the machine that you're trying to ssh from, cd into your .ssh directory, and edit the file known_hosts In it you'll see a line for each remote IP that you access (the lines wrap quite a few times on my screen). Delete the line with the offending IP - all should be well.... Hans
On Mon, Apr 12, 2004 at 12:01:57PM +0200, Hans du Plooy wrote:
On Monday 12 April 2004 05:48, ellie philippen wrote:
Two 9.0 pc's. Both ping each other. Ssh a to b - ok. Ssh b to a - No. B reports the following:
ssh a @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
It means something has changed so that the IP isn't linked to the same identification on the machine that you can't ssh to. Suppose you reinstalled, replaced the network card or something.
Or you have dhcp handing out addresses. In which case you might, from time to time, get a different ip-adress for some host, than the one the other hosts know about.
On the machine that you're trying to ssh from, cd into your .ssh directory, and edit the file known_hosts In it you'll see a line for each remote IP that you access (the lines wrap quite a few times on my screen).
Which means that you have to make sure that whatever editor you use to edit known_hosts with, does *not* apply wordwrapping (!)
Delete the line with the offending IP - all should be well....
Or comment it out, which achieves the same, except you have the old key on hand if the ip-address changes back... /Jon -- Whatever rocks your boat!
On Mon, 2004-04-12 at 05:48, ellie philippen wrote:
Two 9.0 pc's. Both ping each other. Ssh a to b - ok. Ssh b to a - No. B reports the following:
ssh a @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is 6d:b9:6d:9c:5d:34:41:eb:be:b5:27:70:31:07:88:4d. Please contact your system administrator. Add correct host key in /home/john/.ssh/known_hosts to get rid of this message. Offending key in /home/john/.ssh/known_hosts:3 RSA host key for a has changed and you have requested strict checking. Host key verification failed.
Right now I just want to be able to get and keep the two talking to each other, so anything that will do that. Security not an issue in the house AFAICT.
If security is not a problem, then you can just edit /home/john/.ssh/known_hosts and delete the line that starts with a's ip or hostname. Then ssh again. It will ask you again to add the host. This normally happens when you change the IP address of hostname of the remote computer. HTH -- Andre Truter Software Engineer Registered Linux user #185282 ICQ #40935899 AIM: trusoftzaf http://www.trusoft.co.za ~ "Oh Bother!" said the Borg, "we assimilated the Pooh!" ~ Disclaimer and Confidentiality Warning This message is intended for the addressee only. If you are not the intended recipient of this message, you are notified that any distribution, use of or copying of this communication is strictly prohibited. If you have received the communication in error, please notify the sender immediately. The views and opinions expressed in this message are those of the individual sender of this message and do not necessarily represent the views and opinions of ATIO. Consequently, ATIO does not accept responsibility for such views and opinions and this message should not be read as representing the views and opinions of ATIO without subsequent written confirmation. Each page attached hereto must also be read in conjunction with this disclaimer.
participants (6)
-
Andre Truter -
des -
ellie philippen -
Hans du Plooy -
Jon Clausen -
Neil Schneider