 |
|
You are here: CLASSE Wiki>Computing Web>ManInTheMiddleAttack (21 May 2012, DevinBougie)Edit Attach
FAQ:
When I try to ssh into xxx system, the following message appears. @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is df:ee:b0:80:c9:f0:99:22:9f:06:77:72:d4:fa:fe:4f. Please contact your system administrator. Add correct host key in /home/rukshana/.ssh/known_hosts to get rid of this messa ge. Offending key in /home/rukshana/.ssh/known_hosts:19 RSA host key for lnx1621 has changed and you have requested strict checking. Host key verification failed. rukshana_lns131% ssh lnx1621.lns.cornell.edu The authenticity of host 'lnx1621.lns.cornell.edu (172.16.2.1)' can't be establi shed. RSA key fingerprint is df:ee:b0:80:c9:f0:99:22:9f:06:77:72:d4:fa:fe:4f. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'lnx1621.lns.cornell.edu' (RSA) to the list of known hosts. Warning: the RSA host key for 'lnx1621.lns.cornell.edu' differs from the key for the IP address '172.16.2.1' Offending key for IP in /home/username/.ssh/known_hosts:19ANSWER:
Generally these messages appear if a system has been upgraded or re-installed. To stop seeing the messages, you need to remove the referenced line from your ~/.ssh/known_hosts file. This can be done by executingssh-keygen -R hostname. Alternatively for the above message, you would remove line 19 (the line that begins with "lnx1621").
One way to verify that the information is correct is to use some other method to login on the remote computer, perhaps by using
kinit (type your interactive password) krlogin lnx1621then type the command, ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub, which will display the host key. Please check our Network and System Status page for server or farm nodes that have recently been upgraded. Back to: ComputingFAQ
Edit | Attach | Print version | History: r5 < r4 < r3 < r2 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r5 - 21 May 2012, DevinBougie
Quick Links
Usage Information
Collaboration
IT Communications
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding CLASSE Wiki? Send feedback