Hello,
it's been a while since I last connected to
svn.debian.org (Alioth). While trying to connect today (svn update), I got a message about a ssh key change:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The RSA host key for
svn.debian.org has changed,
and the key for the corresponding IP address 5.153.231.21
is unknown. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
d7:0b:26:5c:7a:5d:56:40:a9:e0:5d:f4:e1:70:88:bf.
Please contact your system administrator.
Add correct host key in /home/user/.ssh/known_hosts to get rid of this message.
Offending RSA key in /home/user/.ssh/known_hosts:34
RSA host key for
svn.debian.org has changed and you have requested strict checking.
Host key verification failed.
However, the fingerprint reported by the host is different from the one listed here:
https://wiki.debian.org/Alioth/SSH#Logging_in_for_the_first_time
I'm 99% sure it's an oversight and not a MITM attack, just making sure. Thanks.
Regards,
~~helix84