LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

March 2012

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS March 2012

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Ssh access problems
From:	Anne Wilson <[log in to unmask]>
Reply To:	Anne Wilson <[log in to unmask]>
Date:	Mon, 12 Mar 2012 19:24:26 +0000
Content-Type:	text/plain
Parts/Attachments:	text/plain (56 lines)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/03/12 14:26, Liquori, Kevin wrote:
> On 03/11/2012 06:24 PM, Anne Wilson wrote:
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>> 
>> In the past I have regularly done updates on my server using ssh
>>  access from this laptop.  I can no longer do this.  It may be 
>> connected with the fact that I installed keychain on both the 
>> server and the laptop?
>> 
>> However - strict-checking is set to "ask" which seems to be the 
>> default.  I get
>> 
>> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ 
>> WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @ 
>> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT
>> IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could
>> be eavesdropping on you right now (man-in-the-middle attack)! It
>> is also possible that the RSA host key has just been changed.
>> The fingerprint for the RSA key sent by the remote host is 
>> e7:69:b4:4a:b3:31:39:c3:44:42:0a:b5:42:99:de:13. Please contact 
>> your system administrator. Add correct host key in 
>> /home/anne/.ssh/known_hosts to get rid of this message.
>> Offending key in /home/anne/.ssh/known_hosts:3 RSA host key for
>> 192.168.0.40 has changed and you have requested strict checking.
>> Host key verification failed.
>> 
>> On the server I used ssh-keygen to list the fingerprint, and it 
>> matches the above.
> 
> After you have verified that the target host is the host you think
> it is you should be able to remove the old fingerprint like this:
> 
> ssh-keygen -R target_hostname
> 
Hi Kevin.  I was so sure that I had removed the old key - but then
realised that I was unsure about the identity of one of the keys (my
/home tends to go on for distro release after distro release, so the
key could have been there for some time).  I deleted that and tried
again - and this time got contact :-)

Thanks for putting me on the right track.  And thanks, too, to others
who tried to help, on- and off-list.

Anne
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk9eTWYACgkQj93fyh4cnBerYQCfdPwsrdAUgVqFE7qRjMBPIN3J
CsUAnjgtR0G0wrQXDf+2x0rdWlUMVAQb
=tzkS
-----END PGP SIGNATURE-----

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV