CVS: Possible DNS Spoofing
Hi list,
I just tried to update my local CVS directories and all I get is this message:
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> The RSA host key for cvs.debian.org has changed,
> and the key for the corresponding IP address 217.196.43.140
> is unknown. This could either mean that
> DNS SPOOFING is happening or the IP address for the host
> and its host key have changed at the same time.
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> Someone could be eavesdropping on you right now (man-in-the-middle attack)!
> It is also possible that a host key has just been changed.
> The fingerprint for the RSA key sent by the remote host is
> 8c:c0:b8:9f:0a:79:ee:1c:77:c4:b8:a1:70:55:b7:31.
> Please contact your system administrator.
> Add correct host key in /home/erik/.ssh/known_hosts to get rid of this
> message. Offending RSA key in /home/erik/.ssh/known_hosts:1
> RSA host key for cvs.debian.org has changed and you have requested strict
> checking. Host key verification failed.
> cvs [update aborted]: end of file from server (consult above messages if
> any)
Is that problem related to the Alioth update David mentioned in the thread
"Error commiting changes in CVS"? May I trust in that this is just an harmless
key change?
Does somebody else have this alert?
Thanks!
Greets
Erik
Reply to: