X2Go Bug report logs - #241
Changed host key cannot be updated

version graph

Package: x2goclient; Maintainer for x2goclient is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goclient is src:x2goclient.

Reported by: Heinrich Schuchardt <xypron.glpk@gmx.de>

Date: Sun, 16 Jun 2013 12:48:01 UTC

Severity: normal

Tags: patch, pending

Found in version

Fixed in version

Done: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>

Bug is archived. No further changes may be made.

Full log

Message #5 received at submit@bugs.x2go.org (full text, mbox, reply):

Received: (at submit) by bugs.x2go.org; 16 Jun 2013 12:36:35 +0000
From xypron.glpk@gmx.de  Sun Jun 16 14:36:34 2013
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
X-Spam-Status: No, score=0.0 required=5.0 tests=FREEMAIL_FROM,
	RCVD_IN_DNSWL_BLOCKED autolearn=ham version=3.3.2
Received: from mout.gmx.net (mout.gmx.net [])
	by ymir (Postfix) with ESMTP id B3C475DB17
	for <submit@bugs.x2go.org>; Sun, 16 Jun 2013 14:36:34 +0200 (CEST)
Received: from mailout-de.gmx.net ([]) by mrigmx.server.lan
 (mrigmx001) with ESMTP (Nemesis) id 0M94oF-1Ubnbj1yLl-00CNwf for
 <submit@bugs.x2go.org>; Sun, 16 Jun 2013 14:36:34 +0200
Received: (qmail invoked by alias); 16 Jun 2013 12:36:34 -0000
Received: from ip-109-90-96-202.unitymediagroup.de (EHLO []) []
  by mail.gmx.net (mp028) with SMTP; 16 Jun 2013 14:36:34 +0200
X-Authenticated: #41704822
X-Provags-ID: V01U2FsdGVkX19k5XQT2b5kVW0Kw+achSwo8l3ziPOZ2N/PlRugN4
Message-ID: <51BDB150.4040306@gmx.de>
Date: Sun, 16 Jun 2013 14:36:32 +0200
From: Heinrich Schuchardt <xypron.glpk@gmx.de>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.12) Gecko/20130116 Icedove/10.0.12
MIME-Version: 1.0
To: submit@bugs.x2go.org
Subject: Changed host key cannot be updated
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
X-Y-GMX-Trusted: 0
Package: x2goclient
Severity: normal

Dear maintainer,

from time to time the SSH key used for identification by a X2GO server 
may change.

When trying to connect the server a pop up is shown:

"Anmeldung fehlgeschlagen"
"Host-Key des Servers hat sich geändert Er lautet jetzt:
Aus Sicherheitsgründen wird die Verbindung abgebrochen"

The user is left puzzled with what he should do next.

There is no indication in which file there is a problem, e.g.

There is no indication which entry in this file is corrupted.

Deleting file known_hosts is a bad idea because it may contain the keys 
for dozens of validated servers.

There are examples of more informative output, e.g. from command line 
program ssh:

Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
Please contact your system administrator.
Add correct host key in /home/user/.ssh/known_hosts to get rid of this 
Offending RSA key in /home/user/.ssh/known_hosts:1
RSA host key for has changed and you have requested strict 
Host key verification failed.

Here I can identify the filename: /home/user/.ssh/known_hosts
and the line of the the entry: 1

Manual editing of known_hosts is now possible but not too good an idea 
because it is error prone.

A good solution is what you see in PuTTY. A warning pop up is shown and 
you get the choice to update file known_hosts.

Best regards

Heinrich Schuchardt

Send a report that this bug log contains spam.

X2Go Developers <owner@bugs.x2go.org>. Last modified: Sun Aug 18 06:51:11 2019; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.