Mailinglist Archive: opensuse-security (485 mails)

< Previous Next >
Re: [suse-security] ssh: Changing Host Keys
  • From: Stephen Prendergast <stephen@xxxxxxxxx>
  • Date: Thu, 11 Mar 2004 11:41:09 +1300
  • Message-id: <200403111141.13345.stephen@xxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Lucky

On your machine

Offending key in /home/lucky/.ssh/known_hosts:4

using your favourite editor remove the offending entry. (:4)
You should also see its IP on the offending line.

I reccomend some additional reading on ssh and man in the middle attacks as
well. All in /usr/share/doc/packages/sshd

Cheers

On Thursday 11 March 2004 11:31, Lucky Leavell wrote:
> OS: SuSE 9.0 using SuSEfirewall2
>
> This was a Red Hat 8 box which we blew away when doing a FTP install of
> SuSE 9 (neat!). Unfortunately, we had used this box to ssh into and used
> the same IP address for the SuSE install. After a bit of tweaking, I got
> ssh to connect but now it complains about the host key change:
>
> Script started on Wed Mar 10 15:12:58 2004
> ris713 lucky /home/lucky 0:0 $ ssh -p 70 lucky@xxxxxxxxxxxxx
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
>
> @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
>
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
>
> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
>
> Someone could be eavesdropping on you right now (man-in-the-middle attack)!
>
> It is also possible that the RSA host key has just been changed.
>
> The fingerprint for the RSA key sent by the remote host is
> 85:e3:e6:b0:ab:67:38:9b:ce:22:e7:92:9b:31:d7:c8.
>
> Please contact your system administrator.
>
> Add correct host key in /home/lucky/.ssh/known_hosts to get rid of this
> message.
>
> Offending key in /home/lucky/.ssh/known_hosts:4
>
> RSA host key for 209.44.30.102 has changed and you have requested strict
> checking.
>
> Host key verification failed.
>
>
> script done on Wed Mar 10 15:13:16 2004
>
>
> Just exactly which key(s) should be deleted/added from where?
>
> Thank you,
> Lucky Leavell

- --
Key fingerprint = 15F8 E176 2278 5AF0 17A3 EF2A B6AE 72E3 C192 D63E

Stephen Prendergast
SP Software Ltd
07 570 1452
021 466 247

Notice of Confidential Information: This electronic mail message and any
accompanying attachments may contain information that is
privileged and CONFIDENTIAL. Do NOT forward this email without permission.
If you are not the intended recipient you are
advised that any use, review, dissemination, distribution or reproduction of
the information is strictly prohibited and may be unlawful. If you have
received this document in error, please notify the sender immediately and
destroy the message.

Signed,sealed and delivered via SuSe Linux . Want to know more ?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)

iD8DBQFAT5mItq5y48GS1j4RAs41AJ9U1zdWQP01ui0obRznLiWE+eU3lgCfVTFI
6aSSFuDoDayiFAXyHggwmzo=
=Y84Y
-----END PGP SIGNATURE-----


< Previous Next >
References