[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

new host key?: Re: compromise of gluck.debian.org, lock down of other debian.org machines



Hi,

Are you sure it is Debian gluck issue?

I can connect with SSH to it now with minor problem.

On Sun, Jul 30, 2006 at 11:28:36AM +1000, Brian May wrote:
...
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Host 'gluck.debian.org' is known and matches the RSA host key.
> debug1: Found key in /home/bam/.ssh/known_hosts:219
> debug1: ssh_rsa_verify: signature correct

It looks like gluck's new SSH uses new host identification.

I got following message when I connected with ssh -v
...
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!

After removing old entries from ~/.ssh/known_hosts, I can update host
key and login.

Good luck.

Osamu

PS: It would have been nicer if old hosk identification was backuped and
used in new system.

Attachment: signature.asc
Description: Digital signature


Reply to: