RE: WTA: Warning: Remote Host Identification

Howdy,

If you have logged onto the abc.xyz.com server from an internal address (say
192.168.x.x) and you are now trying to login to the same server remotely at
say (213.165.65.x) AND your server's internal and external DNS name is the
same, you'll get this error. This error is usually related to this type of
setup and generally not something to be worried about.

Drew

-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx]
On Behalf Of Budi Febrianto
Sent: Tuesday, October 31, 2006 1:37 AM
To: General Red Hat Linux discussion list
Subject: Re: WTA: Warning: Remote Host Identification

Atul Tyagi wrote:
By any chance did you change the IP address or the Hostname of the
internal
server?
No, I did not changed anything.

On 10/31/06, Budi Febrianto <bfebrian@xxxxxxx> wrote:

Dear All,

I have 3 linux server, where 1 server (gateway server) the ssh port open
for the public, while the other two is closed, only smtp port is open
for public.
This week I manage the servers from mobile with my notebook installed
opensuse 10.
First I login to gateway server, then after that I login to the other
servers.
But one day, after I successfully loged to the gateway server, and when
trying to login to another server, I have this warning.


@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle
attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
b4:10:fb:f9:3d:04:b8:86:44:f7:2e:ba:b7:41:82:7c.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this
message.
Offending key in /root/.ssh/known_hosts:6
RSA host key for abc.xyz.com has changed and you have requested strict
checking.
Host key verification failed.


This mean that my gateway server is under attack, or my others server
under attack?
While remote, the connection is bad, I had several drops connections.
Can this cause of the problem?

The others server are smtp server, an only open smtp port for public.

Best Regards

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list



--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list


--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

Relevant Pages