Re: ssh warning about man in middle attack

From: Ident (Ident@bigfoot.com)
Date: 09/22/02


From: Ident <Ident@bigfoot.com>
Date: Sun, 22 Sep 2002 06:21:08 +0400


Paul wrote:

> "ABN" <n@niworld.com> wrote in message
> news:9uhb9.5373$z21.1265237@news20.bellglobal.com...
> > Hi everyone,
> >
> > I went to connect to a machine using ssh to check on email, and for the
> > first time, I got the following message:
> >
> > ---------------------------------------
> > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> > @ WARNING: HOST IDENTIFICATION HAS CHANGED! @
> > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> > IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> > Someone could be eavesdropping on you right now (man-in-the-middle
> attack)!
> > It is also possible that the host key has just been changed.
> > Please contact your system administrator.
> > ----------------------------------------
>
> It is also possible that the O/S on the machine you are connecting to has
> been reinstalled. I have seen this before when the target machine has
> reformatted/reinstalled after some other problem. Perhaps the system admin
> at that site could shed some light on the subject.
>
> PD

Hope you can read up on The Man IN The Middle/
Thois probably the meanest thing a malicious hacker can do IMO.
Tracker



Relevant Pages

  • Re: ssh warning about man in middle attack
    ... Paul wrote: ... >> I went to connect to a machine using ssh to check on email, ... >> first time, ... >> Please contact your system administrator. ...
    (comp.os.linux.security)
  • Re: ssh warning about man in middle attack
    ... > I went to connect to a machine using ssh to check on email, ... > first time, ... > Please contact your system administrator. ... I have seen this before when the target machine has ...
    (comp.os.linux.security)
  • Re: ssh warning about man in middle attack
    ... > I went to connect to a machine using ssh to check on email, ... > first time, ... > Please contact your system administrator. ... I have seen this before when the target machine has ...
    (comp.security.ssh)
  • Re: Two-factor authentication with SSH?
    ... ]As a system administrator I am responsible for the security and the weakest ... ]If I let users log in over SSH with password authentication then basically ... is precisely the use of ssh. ... Security is NOT a technical problem. ...
    (comp.security.ssh)
  • Re: logging on to Windows 2000 Professional
    ... the system administrator to rejoin it for you. ... Microsoft SBS-MVP ... "Paul" schreef in bericht ...
    (microsoft.public.win2000.networking)