[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] quick opensshd question

Subject: Re: [cobalt-security] quick opensshd question
From: "E.B. Dreger" <eddy+public+spam@xxxxxxxxxxxxxxxxx>
Date: Mon, 25 Mar 2002 18:27:23 +0000 (GMT)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> Date: Mon, 25 Mar 2002 15:54:21 +0900
> From: Timothy Reiner <timothy@xxxxxxxxxxxxxxxxxxxx>

(moderate snipping)


> We're using Putty to login to the server remotely (for updating
> cgi-files, etc.).  Yesterday, when one of our users tried to
> log in, he was given the message "warning - the remote server's
> key fingerprint has changed . . . "

Any chance that you generated a new key on the server?  Maybe
during an upgrade?

If not, it does sound like a man-in-the-middle attack.  PuTTY is
seeing a different public key than what it has memorized.

Ask him what PuTTY shows as the public key.  See if it matches
ones that you've used, or if it's something totally different.


Eddy

Brotsman & Dreger, Inc. - EverQuick Internet Division
Phone: +1 (316) 794-8922 Wichita/(Inter)national
Phone: +1 (785) 865-5885 Lawrence
--

Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@xxxxxxxxx>
To: blacklist@xxxxxxxxx
Subject: Please ignore this portion of my mail signature.

These last few lines are a trap for address-harvesting spambots.  Do NOT
send mail to <blacklist@xxxxxxxxx>, or you are likely to be blocked.

Follow-Ups:
- Re: [cobalt-security] quick opensshd question
  - From: David Thurman

References:
- [cobalt-security] quick opensshd question
  - From: Timothy Reiner

Prev by Date: Re: [cobalt-security] stunnel and outlook
Next by Date: Re: Fw: [cobalt-security] stunnel and outlook
Previous by thread: [cobalt-security] quick opensshd question
Next by thread: Re: [cobalt-security] quick opensshd question

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index