[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] quick opensshd question
- Subject: [cobalt-security] quick opensshd question
- From: "Timothy Reiner" <timothy@xxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 25 Mar 2002 15:54:21 +0900
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hello,
So, I've been a lurker on the digest verison of this list for a long time
and have learned much (Thanks) including when and where to install patches,
how to make our server a bit more secure and so forth.
However, in the past two days, there's been a change to our server that has
me a bit worried and I can't seem to find the answer anywhere.
We're using Putty to login to the server remotely (for updating cgi-files,
etc.). Yesterday, when one of our users tried to log in, he was given the
message "warning - the remote server's key fingerprint has changed . . . "
Fortunately, (I think) he decided to abort the connection, instead of
continuing.
I've been told that this is a warning of a "man-in-the-middle" attack.
Could there be any legitimate reason that the key fingerprint changed? Or
should just I assume that someone's intercepting the traffic?
Many thanks in advance,
Tim