Subject: | |
From: | |
Reply To: | |
Date: | Mon, 12 Mar 2012 19:24:26 +0000 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/03/12 14:26, Liquori, Kevin wrote:
> On 03/11/2012 06:24 PM, Anne Wilson wrote:
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>>
>> In the past I have regularly done updates on my server using ssh
>> access from this laptop. I can no longer do this. It may be
>> connected with the fact that I installed keychain on both the
>> server and the laptop?
>>
>> However - strict-checking is set to "ask" which seems to be the
>> default. I get
>>
>> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @
>> WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
>> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT
>> IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could
>> be eavesdropping on you right now (man-in-the-middle attack)! It
>> is also possible that the RSA host key has just been changed.
>> The fingerprint for the RSA key sent by the remote host is
>> e7:69:b4:4a:b3:31:39:c3:44:42:0a:b5:42:99:de:13. Please contact
>> your system administrator. Add correct host key in
>> /home/anne/.ssh/known_hosts to get rid of this message.
>> Offending key in /home/anne/.ssh/known_hosts:3 RSA host key for
>> 192.168.0.40 has changed and you have requested strict checking.
>> Host key verification failed.
>>
>> On the server I used ssh-keygen to list the fingerprint, and it
>> matches the above.
>
> After you have verified that the target host is the host you think
> it is you should be able to remove the old fingerprint like this:
>
> ssh-keygen -R target_hostname
>
Hi Kevin. I was so sure that I had removed the old key - but then
realised that I was unsure about the identity of one of the keys (my
/home tends to go on for distro release after distro release, so the
key could have been there for some time). I deleted that and tried
again - and this time got contact :-)
Thanks for putting me on the right track. And thanks, too, to others
who tried to help, on- and off-list.
Anne
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk9eTWYACgkQj93fyh4cnBerYQCfdPwsrdAUgVqFE7qRjMBPIN3J
CsUAnjgtR0G0wrQXDf+2x0rdWlUMVAQb
=tzkS
-----END PGP SIGNATURE-----
|
|
|