[TriLUG] SSH on Fedora 7 question
Brian Daniels
bitmage at pobox.com
Tue Jun 5 09:43:04 EDT 2007
On Tue, Jun 05, 2007 at 09:29:16AM -0400, Matt Pusateri wrote:
> Are you connecting via ip address or hostname (Host
> 'xxxxxx.dyndns.org')? Is the IP in your known_hosts file? Has the IP
> of your dyndns.org host recently changed. You may just want to verify
> your key off the server, delete the entry from your known_hosts file and
> then when you reconnect verify and accept the key. I would expect
> that if you were getting some hostname ip mismatch that you would get a
> different error, such as the man in the middle attack message since the
> IP/Hostname wouldn't match your known_hosts. Also are the perms right
> on your known_hosts, are you somehow having trouble writing the IP into
> known_hosts b/c of a permissions issue?
>
> Matt P.
I was connecting by hostname, and the ip address was not in my known_hosts file.
I had copied the known_hosts file from my FC6 install, so I wouldn't lose the
security info.
To test, I tried removing my known_hosts file and reconnecting. I got the
warning about reaching an unknown server, which I accepted.
It looks like the format of the known_hosts file has changed. On FC6, entries
looked like this:
xxx.ip.addr.106 ssh-dss AAAA.....
now on F7, they look like this:
[xxxxxx.dyndns.org]:22,[xxx.ip.addr.156]:22 ssh-rsa AAAA.....
So it's now storing the port number and other info that it didn't track before.
I'm not sure why it doesn't automatically update the old entries. Once it
creates a new entry, the error goes away.
--Brian
--
Be it thy course to busy giddy minds
With foreign quarrels; that action, hence borne out,
May waste the memory of the former days.
Henry IV, Part 2
Brian Daniels bitmage at pobox.com
http://www.eviloverlord.net
More information about the TriLUG
mailing list