@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
7e:68:af:ba:bd:4f:8d:20:3e:10:79:e3:d2:2c:a8:7c.
Please contact your system administrator.
Add correct host key in /home/albert/.ssh/known_hosts to get rid of this message.
Offending key in /home/albert/.ssh/known_hosts:1
RSA host key for ... has changed and you have requested strict checking.
Host key verification failed.
>
> when I type ssh in terminal, it said:
>
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> Someone could be eavesdropping on you right now (man-in-the-middle
> attack)!
> It is also possible that the RSA host key has just been changed.
> The fingerprint for the RSA key sent by the remote host is
> 7e:68:af:ba:bd:4f:8d:20:3e:10:79:e3:d2:2c:a8:7c.
Scary huh? Just means that the expected ‘fingerprint’ wasn’t found when you
connected to a machine that you had connected to successfully in the past.
try this command to fix that:
rm ~/.ssh/known_hosts
This will clear the ‘cache’ of remembered fingerprints.
That seems just a wee bit extreme… all you need to do is remove the
ONE line in there that is cited in the message… in this case that
line is 68 as indicated by the fingerprint message. Removing the entire
file gets rid of any protection had by using this feature. If there
really is a man-in-the-middle attack taking place this message is
invaluable. If the destination machine hasn’t had its keys changed
recently for some reason (they never change on their own… this should
be known) then the login should not be done. Deleting this file to
avoid this message is akin to clicking ‘Ok’ every time you see a popup
in internet explorer telling you it wants to install some new software
to detect a virus that was just found on your computer. Maybe a better
comparison is the popup you can get when going to an untrusted
SSL-enabled site. If you go to www.yourbanknamehere.com and get a popup
like that you should immediately leave and never type your password as
it means either you’re at the wrong site or your bank’s IT department is
completely incompetent and shouldn’t be trusted.
Good luck.
L R Nix wrote:
> On Mon, 18 Aug 2008 06:06:03 GMT
> albumns <albumns@no-mx.forums.opensuse.org> wrote:
>
>> when I type ssh in terminal, it said:
>>
>> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
>> @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
>> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
>> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
>> Someone could be eavesdropping on you right now (man-in-the-middle
>> attack)!
>> It is also possible that the RSA host key has just been changed.
>> The fingerprint for the RSA key sent by the remote host is
>> 7e:68:af:ba:bd:4f:8d:20:3e:10:79:e3:d2:2c:a8:7c.
>
> Scary huh? Just means that the expected ‘fingerprint’ wasn’t found when you
> connected to a machine that you had connected to successfully in the past.
>
> try this command to fix that:
>
> rm ~/.ssh/known_hosts
>
> This will clear the ‘cache’ of remembered fingerprints.
>
> Loni
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
You’re absolutely correct, you don’t have to remove the whole file, but where do you get 68 from? It’s line 1 which is probably the only line there at the moment, but your advice is still good.
Line 1 as indicated on the end of the message here. You were right of
course.
Good luck.
ken yap wrote:
> You’re absolutely correct, you don’t have to remove the whole file, but
> where do you get 68 from? It’s line 1 which is probably the only line
> there at the moment, but your advice is still good.
>
>> Offending key in /home/albert/.ssh/known_hosts:1
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
First of all, albumns… I mean no disrespect in this posting, this not
directed AT you, nor ABOUT you… If you find this offensive, I apologize
and you can privately email me and grumble. Loni.
You’re ALL correct… it IS a rather extreme solution to a trivial type
problem… Most of these users will never ssh, and of those that do, most
only ssh to their other computer. So they’ll only have a single entry
anyways. Their needs are different than someone who administers machines
remotely, for which this error messages has dire meanings.
Trying to get people to compare keys, find line numbers, count on their
fingers… not always easy. Delete the file is a solution. Certainly not
the BEST solution, but easy to understand. Once someone gets more knowledge
and experience, maybe actually reads the error message and realizes it tells
you exactly what to do… Then I start explaining how to do specific edits
and removals. There is a point in time where ‘newbies’ stop being ‘newbies’
and start becoming real users. As the type of questions change, the depth of
answer must change as well.
Yeah, I’m most likely taggable as ‘old-school’. I believe that giving
someone the answer is not always the best thing. I do try to encourage
someone to learn, to question, to experiment… because if the answer is just
spoon-fed to someone, they will not learn, and will continue not learning…
look at our kids today… if it’s not instantaneous gratification… they’re
not interested. No incentive to learn new things, to try new stuff.