WTA: Warning: Remote Host Identification
Budi Febrianto
bfebrian at gmx.net
Tue Oct 31 05:00:45 UTC 2006
Dear All,
I have 3 linux server, where 1 server (gateway server) the ssh port open
for the public, while the other two is closed, only smtp port is open
for public.
This week I manage the servers from mobile with my notebook installed
opensuse 10.
First I login to gateway server, then after that I login to the other
servers.
But one day, after I successfully loged to the gateway server, and when
trying to login to another server, I have this warning.
>>>>>
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
b4:10:fb:f9:3d:04:b8:86:44:f7:2e:ba:b7:41:82:7c.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:6
RSA host key for abc.xyz.com has changed and you have requested strict
checking.
Host key verification failed.
>>>>>
This mean that my gateway server is under attack, or my others server
under attack?
While remote, the connection is bad, I had several drops connections.
Can this cause of the problem?
The others server are smtp server, an only open smtp port for public.
Best Regards
More information about the redhat-list
mailing list