Re: what do I do?

From: Gene Cronk (gcronk_at_trsg.net)
Date: 11/14/03

  • Next message: phaser-X: "Re: what do I do?"
    Date: Fri, 14 Nov 2003 14:05:58 -0500
    To: "Gurgul, Dennis J." <DGURGUL@PARTNERS.ORG>
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Which machine got the upgrade? That's the one that needs to have the
    line deleted (I believe)

    Gurgul, Dennis J. wrote:

    | Thanks. Do you mean on the machine I'm ssh'ing FROM?
    |
    | Also, I seemed to fix the problem with:
    | "ssh-keyscan -f list_of_nodes | cat >> known_hosts" in my .ssh
    directory.
    |
    | But I'll try your way if it happens again.
    |
    | Dennis J. Gurgul
    | Partners Health Care System
    | Research Management
    | Research Computing Core
    | 617.724.3169
    |
    |
    | -----Original Message-----
    | From: Gene Cronk [mailto:gcronk@trsg.net]
    | Sent: Friday, November 14, 2003 1:54 PM
    | To: Gurgul, Dennis J.
    | Subject: Re: what do I do?
    |
    |
    | | Offending key in /etc/ssh/ssh_known_hosts:2
    |
    | Delete the second line in /etc/ssh/ssh_known_hosts
    |
    | Gurgul, Dennis J. wrote:
    |
    | | Hi,
    | |
    | | I'm getting the message below after re-installing openssh rpms on a
    Linux
    | | cluster. The last time this happened I just deleted my
    | .ssh/known_hosts file
    | | and then connecting to the nodes went back to normal. But this
    | message persists
    | | in coming up each time I connect. Can someone tell me what to do to
    | make these
    | | computers stop thinking there's a security problem? Do I delete an
    | /etc/ssh
    | | file or something? Thanks.
    | |
    | | HERE'S THE MESSAGE THAT PERSISTS IN SHOWING UP EACH TIME I SSH:
    | | ----------------------
    | | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    | | @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
    | | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    | | IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
    | | Someone could be eavesdropping on you right now (man-in-the-middle
    | attack)!
    | | It is also possible that the RSA1 host key has just been changed.
    | | The fingerprint for the RSA1 key sent by the remote host is
    | | a5:3d:fd:53:d8:15:62:84:20:33:72:31:2a:81:5c:c7.
    | | Please contact your system administrator.
    | | Add correct host key in /home/dennis/.ssh/known_hosts to get rid of this
    | | message.
    | | Offending key in /etc/ssh/ssh_known_hosts:2
    | | Password authentication is disabled to avoid man-in-the-middle attacks.
    | | Agent forwarding is disabled to avoid man-in-the-middle attacks.
    | | X11 forwarding is disabled to avoid man-in-the-middle attacks.
    | | -------------------------------------------
    | |
    | | Thanksk for any advice.
    | |
    | | Dennis
    | |
    | | Dennis J. Gurgul
    | | Partners Health Care System
    | | Research Management
    | | Research Computing Core
    | | 617.724.3169
    | |
    |

    - --
    Gene Cronk MCP,iNet+,Network+ (gcronk@trsg.net)
    The Robin Shepherd Group -- Systems Administrator
    Office (904)-359-0981 Ext. 36
    Cell (386)-795-3081
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.3 (MingW32)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

    iD8DBQE/tSeWKFvyxVTltrARAkG/AKCWX+i0DquO0Ye4W8FyCfaI4fJ/KACfbxmF
    pGW/MgEOOCXAxzAaXoBBlwE=
    =9b3C
    -----END PGP SIGNATURE-----


  • Next message: phaser-X: "Re: what do I do?"