On Mon, Mar 19, 2001 at 07:42:34AM -0300, Christoph Simon wrote: > On Sun, 18 Mar 2001 15:29:33 -0800 > Nick <daye149@pacbell.net> wrote: > > > I am getting the follwing message, how do I get rid of it?????? > > fresh install of ssh > > > > nick@bluebox:~$ ssh 63.XXX.XXX.2 > > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > > @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ > > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > > IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! > > Someone could be eavesdropping on you right now (man-in-the-middle attack)! > > It is also possible that the RSA host key has just been changed. > > Please contact your system administrator. > > Add correct host key in /home/nick/.ssh/known_hosts to get rid of this > ^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > message. > > RSA host key for 63.XXX.XXX.2 has changed and you have requested strict > > checking. > > Sometimes it helps reading the messages. Obviously in known_host there > is an entry which doesn't work with 63.xxx.xxx.2 anymore. Find it and > delete it. Next time it will ask you if it should add another one. Say > yes. Bingo! well you should take your own advice and read the message, its possible someone is doing something nasty, it would be prudent to check with the admin of the site in question and find out of they changed the host key. remember that article recently about ssh being vulnerable to man in the middle attacks? the only `vulnerability' is people simply ignoring that very warning and just throwing away thier local copy of the host key and blindly accepting a new one without making sure there is no man in the middle attack occuring. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgppw9PVFybKN.pgp
Description: PGP signature