Re: An odd warning message?

[Karen Lewellen <klewellen@shellworld.net>]

Hi,
Sorry this is done in a hurry because now the only way I can reach my inbox 
is via dial up and unsecured TELNET.
Yesterday afternoon the admin for shellworld sent me a warning to change 
both of my passwords, which i did.
This  morning I find I cannot ssh TELNET into shellworld, or my own site 
at all.
The  error is that there he dsa key exchange has failed with the remote host 
closing the connexion, closed by peer.
my own provider is fine, I can ssh TELNET elsewhere.
But the dsa key here is now altered in a way likely unplanned by 
shellworld.
More thoughts?
Thanks for the wisdom!
And sorry for the mess.
Kare


On Mon, 16 Mar 2015, Darac Marjal wrote:

> On Mon, Mar 16, 2015 at 11:42:50AM -0400, Karen Lewellen wrote:
> > Hi all,
> > Going to ask about this on other lists, but thought I would check here.
> > I use a shell service called shellworld.
> > www.shellworld.net
> > they also host my domain karenlewellen.com
> > One of the many advantages is that I can ssh -l between both workspaces for
> > tasks.
> > However when I  tried doing this a few moments ago,
> > ssh -l karen karenlewellen.com
> > I got the message,
> > warning permanently added to the dsa key for ip address <address stated
> > correctly> for karenlewellen.com
> > It then asked for my password as normal.
> > I did not complete this ssh because of the warning.
> > should I be concerned about the warning added to the shellworld ip address?
> > the ip was stated correctly, I recognize it from other uses.
>
> I suspect the warning you got was "Permanently added 'karenlewellen.com'
> (RSA) to the list of known hosts".
>
> The typical sequence of events is that, when you connect to a machine,
> SSH establishes a connnection and both sides exchange keys. You
> authenticate to the server, but also the server authenticates itself to
> you. The first time you connect, the key the server presents will be
> unknown so you get a message like:
>
>  The authenticity of host 'penguin.example.net' can't be established.
>  DSA key fingerprint is 94:68:3a:3a:bc:f3:9a:9b:01:5d:b3:07:38:e2:11:0c.
>  Are you sure you want to continue connecting (yes/no)?
>
> If you answer yes here, the key is cached (in ~/.ssh/known_hosts) and
> you get the message:
>
>  Warning: Permanently added 'penguin.example.net' (RSA) to the list of
>  known hosts.
>
> Now, if the key on the remote hosts changes (either because you
> regenerated the host key on the server, or because you're connecting to
> a different host - possibly not to your knowledge), then you get a big
> warning saying
>
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
>
> However - and this is the part I'm not too sure on - if you connect to a
> different host and receive a key you already know (for example, if the
> host changes IP address), then I think SSH will do what you've seen:
> warn you that it's using a key that you already trust to connect to a
> different machine. This is only a warning. The chance of somebody being
> able to reproduce your host key on a different machine are considered
> slim.
>
> In summary, your remote host's IP may have changed.
>
> > Thanks,
> > Karen
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org with a subject
> > of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> > Archive: [🔎] Pine.BSF.4.64.1503161133300.68977@server1.shellworld.net">https://lists.debian.org/[🔎] Pine.BSF.4.64.1503161133300.68977@server1.shellworld.net