I have installed various releases of debian many times. I have a local
proxy using approx that makes it very fast.
After posting about a lockup of my desktop Jessie computer, I realized
that whatever advice I got would I got would surely be more
complicated than just reinstalling from a backup that had been made
shortly after 5am yesterday morning using a CD of netinst rc2 that I
made shortly after it was announced. It is now 15min past midnight
local time.
I have four desktop machines running Jessie. I try to keep them a;;
upgraded on whenever new package versions are released. I thought it
would be fast and simple. I was very wrong. This install behaves very
differently in the following way: When I attempt to ssh into one of
the computers that was not re-installed, I get a complaint that:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The RSA host key for gq has changed,
and the key for the corresponding IP address 192.168.1.12
is unknown. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
51:cf:52:87:6f:13:43:50:73:29:2c:b4:34:11:cd:5c.
Please contact your system administrator.
Add correct host key in /home/pec/.ssh/known_hosts to get rid of this message.
Offending RSA key in /etc/ssh/ssh_known_hosts:3
remove with: ssh-keygen -f "/etc/ssh/ssh_known_hosts" -R gq
RSA host key for gq has changed and you have requested strict checking.
Host key verification failed.
I get this same complaint even after I remove the known_hosts file
entirely. How can the software retain the information that the offending
line is the third line? It must be doing more than the documentation
that I have says its doing, This is a home lan. I use a hosts file to
inform the several computers of the IP addresses of all the computers in
the LAN. The file is identical on all computers and hasn't changed sine
etch. In the past, I was given the option of typing the login password of the
computer that I want to log into, but not now.
I know about openssh-known-hosts. I think it has changed from last I used
it. Now there are plugins that have to be configured. I want to use the
rsync plugin because I know rsync rather well, but what is the procedure
for plugging a plugin into openssh-known-hosts? I can't find a man page.
I don't understand what I should do with the RSA 'fingerprint' doesn't
look at all like a legitimate line in a known_host file. How is it used?
Where is the source of this occult knowledge?
Why does the author of the WARNING presume that there is a different
person, other than the person reading the message who is the actual
'your system administration'? Has someone in NSA or CIA been assigned
to monitor me, and this message breaches global security because I
should not be allowed to know that I am being watch?
Help, please. Tell me what to read.
--
Paul E Condon
pecondon@mesanetworks.net