Bug#568406: better instructions for remote host identification changed spoofing warning



Package: openssh-client
Version: 1:5.3p1-1
Severity: wishlist
File: /usr/bin/ssh

I got this message:

$ ssh frodo.hserus.net
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The RSA host key for frodo.hserus.net has changed,
and the key for the corresponding IP address 204.74.68.40
is unknown. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
c5:1a:d3:4f:a5:60:35:48:25:f6:af:e4:1d:24:dd:7e.
Please contact your system administrator.
Add correct host key in /home/jidanni/.ssh/known_hosts to get rid of this message.
Offending key in /home/jidanni/.ssh/known_hosts:1

Problems:
1. The message doesn't say what command to use to
"Add correct host key in /home/jidanni/.ssh/known_hosts".

2. Perhaps the user is supposed to use a text editor.
Perhaps he is supposed to manually count the entries and
"Offending key in /home/jidanni/.ssh/known_hosts:1"
means the first entry. But what if it was deep in the file?

And, looking in known_hosts, one finds EVERY line starts with a "1":
"|1|oXWswQzymcFivA..."

So you have doubly left the user out on a limb.

You need to reword this warning. Thank you.
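
Added example, not part of the original report and not OpenSSH code: in "known_hosts:1" the number after the colon is a 1-based line number, while a leading "|1|" marks a hashed host name (base64 salt, then base64 HMAC-SHA1 of the name keyed with that salt). The sketch below finds the lines that belong to a host in such a file; the function names, salts and key blobs are constructed for illustration.

```python
import base64
import hashlib
import hmac

def entry_matches(host_field, hostname):
    """True if the first field of a known_hosts line names hostname (exact match)."""
    if host_field.startswith("|1|"):
        # Hashed entry: |1|base64(salt)|base64(HMAC-SHA1(key=salt, msg=hostname))
        parts = host_field.split("|")
        if len(parts) != 4:
            return False  # malformed hashed field
        salt = base64.b64decode(parts[2])
        stored = base64.b64decode(parts[3])
        computed = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(computed, stored)
    # Plain entry: comma-separated names/addresses (wildcard patterns not handled)
    return hostname in host_field.split(",")

def find_host_lines(known_hosts_text, hostname):
    """Return the 1-based line numbers whose host field matches hostname."""
    hits = []
    for lineno, line in enumerate(known_hosts_text.splitlines(), start=1):
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue  # blank line or comment
        if fields[0].startswith("@"):
            fields = fields[1:]  # skip a @cert-authority / @revoked marker
        if fields and entry_matches(fields[0], hostname):
            hits.append(lineno)
    return hits

def hashed_field(hostname, salt):
    """Build a hashed host field the way the format above describes (sample data only)."""
    mac = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(mac).decode())

# Constructed sample file: salts are fixed and key blobs are placeholders, not real keys.
SAMPLE = "\n".join([
    "# constructed sample known_hosts",
    hashed_field("other.example", b"A" * 20) + " ssh-rsa AAAAPLACEHOLDER1",
    hashed_field("frodo.hserus.net", b"B" * 20) + " ssh-rsa AAAAPLACEHOLDER2",
    "plain.example,192.0.2.10 ssh-rsa AAAAPLACEHOLDER3",
])

if __name__ == "__main__":
    print(find_host_lines(SAMPLE, "frodo.hserus.net"))
```

`ssh-keygen -F <host>` performs this lookup on a real file and `ssh-keygen -R <host>` removes the matching lines; the fingerprint of the replacement key still has to be confirmed with the server's administrator, as the warning says.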


