[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] ssh 3.1

Subject: [cobalt-security] ssh 3.1
From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 8 Mar 2002 20:32:39 -0500
Organization: Front Street Networks LLC
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Since upgrading my servers with OpenSSH 3.1, this is the response I receive 
when I try to log into my servers from my Mandrake Linux machine with an 
OpenSSH 3.1 client.

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
24:20:18:fd:7b:d3:c3:09:91:9c:ba:df:58:12:52:ea.
Please contact your system administrator.
Add correct host key in /home/gerald/.ssh/known_hosts to get rid of this 
message.
Offending key in /home/gerald/.ssh/known_hosts:6
RSA host key for fsn2 has changed and you have requested strict checking.
Host key verification failed.
;=====================end response =======================

I can do a normal login from a Red Hat Linux machine using OpenSSH 3.02 
client.
So it must be something to do with the client, but WHAT.
I have commented out almost everything in sshd_config
TIA for any ideas.

--
Gerald Waugh

Follow-Ups:
- Re: [cobalt-security] ssh 3.1
  - From: Gerald Waugh

Prev by Date: [cobalt-security] Remote Cobalt Raq XTR vulns (fwd)
Next by Date: Re: [cobalt-security] ssh 3.1
Previous by thread: [cobalt-security] Remote Cobalt Raq XTR vulns (fwd)
Next by thread: Re: [cobalt-security] ssh 3.1

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index