[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] quick opensshd question

Subject: Re: [cobalt-security] quick opensshd question
From: David Thurman <dthurman@xxxxxxxxxxxxxxxxxxxx>
Date: Mon, 25 Mar 2002 13:54:10 -0600
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

on 3-25-02 12:27 PM, E.B. Dreger at eddy+public+spam@xxxxxxxxxxxxxxxxx was
reported to have made a statement that said this:

>> Date: Mon, 25 Mar 2002 15:54:21 +0900
>> From: Timothy Reiner <timothy@xxxxxxxxxxxxxxxxxxxx>
> 
> (moderate snipping)
> 
> 
>> We're using Putty to login to the server remotely (for updating
>> cgi-files, etc.).  Yesterday, when one of our users tried to
>> log in, he was given the message "warning - the remote server's
>> key fingerprint has changed . . . "
> 
> Any chance that you generated a new key on the server?  Maybe
> during an upgrade?
> 
> If not, it does sound like a man-in-the-middle attack.  PuTTY is
> seeing a different public key than what it has memorized.
> 
> Ask him what PuTTY shows as the public key.  See if it matches
> ones that you've used, or if it's something totally different.
> 
> 
Or if it is the first time logging in you will get this.
--
Thank you,
David E Thurman
The Web Presence Group
309.676.5688
dthurman@xxxxxxxxxxxxxxxxxxxx
http://www.webpresencegroup.net

Follow-Ups:
- Re: [cobalt-security] quick opensshd question
  - From: E.B. Dreger

References:
- Re: [cobalt-security] quick opensshd question
  - From: E.B. Dreger

Prev by Date: Re: Fw: [cobalt-security] stunnel and outlook
Next by Date: RE: [cobalt-security] STOP ALREADY! - SUN don't care about securityupdate?
Previous by thread: Re: [cobalt-security] quick opensshd question
Next by thread: Re: [cobalt-security] quick opensshd question

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index