Re: WTA: Warning: Remote Host Identification
- From: "Atul Tyagi" <tyagi.atul@xxxxxxxxx>
- Date: Tue, 31 Oct 2006 10:44:32 +0530
By any chance did you change the IP address or the Hostname of the internal
server?
On 10/31/06, Budi Febrianto <bfebrian@xxxxxxx> wrote:
--
Dear All,
I have 3 linux server, where 1 server (gateway server) the ssh port open
for the public, while the other two is closed, only smtp port is open
for public.
This week I manage the servers from mobile with my notebook installed
opensuse 10.
First I login to gateway server, then after that I login to the other
servers.
But one day, after I successfully loged to the gateway server, and when
trying to login to another server, I have this warning.
>>>>>
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle
attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
b4:10:fb:f9:3d:04:b8:86:44:f7:2e:ba:b7:41:82:7c.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:6
RSA host key for abc.xyz.com has changed and you have requested strict
checking.
Host key verification failed.
>>>>>
This mean that my gateway server is under attack, or my others server
under attack?
While remote, the connection is bad, I had several drops connections.
Can this cause of the problem?
The others server are smtp server, an only open smtp port for public.
Best Regards
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
- Follow-Ups:
- Re: WTA: Warning: Remote Host Identification
- From: Budi Febrianto
- Re: WTA: Warning: Remote Host Identification
- References:
- WTA: Warning: Remote Host Identification
- From: Budi Febrianto
- WTA: Warning: Remote Host Identification
- Prev by Date: WTA: Warning: Remote Host Identification
- Next by Date: Re: WTA: Warning: Remote Host Identification
- Previous by thread: WTA: Warning: Remote Host Identification
- Next by thread: Re: WTA: Warning: Remote Host Identification
- Index(es):
Relevant Pages
- SSH problems - suddenly stopped working
... F-Secure SSH Server will now be started in debug mode. ... 564:SshHostKeyIO
Reading private host key from D:\Program ... 2628:SshConnection: Destroying SshConn
object. ... (comp.security.ssh) - Re: Using SSH2 private key to sign a file
... | Mike wrote: ... |>replication from a central central server, ...
you could use the host key to verify the integrity ... Comment: Using GnuPG with
Mozilla - http://enigmail.mozdev.org ... (comp.security.ssh) - Re: Intrusion or not
... You need GnuPG to verify this message ... > didn't change any host key
and i never got that message before. ... that the server was restarted 2 times last night.
... Investigate why, logrotate from cron might be a reason, but not ... (comp.os.linux.networking) - Re: Intrusion or not
... You need GnuPG to verify this message ... > didn't change any host key
and i never got that message before. ... that the server was restarted 2 times last night.
... Investigate why, logrotate from cron might be a reason, but not ... (comp.security.ssh) - Re: Q: paramiko/SSH/ how to get a remote host_key
... SSH client, if you connect for the first time then you get somethign ... '''
The server's host key is not cached in the registry. ... host_key the first time it connects
to a remote SSH server. ... (comp.lang.python)
