From unknown Thu Mar 28 11:06:27 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#241: Changed host key cannot be updated Reply-To: Heinrich Schuchardt , 241@bugs.x2go.org Resent-From: Heinrich Schuchardt Resent-To: x2go-dev@lists.berlios.de Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Sun, 16 Jun 2013 12:48:01 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: report 241 X-X2Go-PR-Package: x2goclient X-X2Go-PR-Keywords: Received: via spool by submit@bugs.x2go.org id=B.13713861955171 (code B); Sun, 16 Jun 2013 12:48:01 +0000 Received: (at submit) by bugs.x2go.org; 16 Jun 2013 12:36:35 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED autolearn=ham version=3.3.2 Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) by ymir (Postfix) with ESMTP id B3C475DB17 for ; Sun, 16 Jun 2013 14:36:34 +0200 (CEST) Received: from mailout-de.gmx.net ([10.1.76.28]) by mrigmx.server.lan (mrigmx001) with ESMTP (Nemesis) id 0M94oF-1Ubnbj1yLl-00CNwf for ; Sun, 16 Jun 2013 14:36:34 +0200 Received: (qmail invoked by alias); 16 Jun 2013 12:36:34 -0000 Received: from ip-109-90-96-202.unitymediagroup.de (EHLO [192.168.123.29]) [109.90.96.202] by mail.gmx.net (mp028) with SMTP; 16 Jun 2013 14:36:34 +0200 X-Authenticated: #41704822 X-Provags-ID: V01U2FsdGVkX19k5XQT2b5kVW0Kw+achSwo8l3ziPOZ2N/PlRugN4 PiWSNvxdxKyOzY Message-ID: <51BDB150.4040306@gmx.de> Date: Sun, 16 Jun 2013 14:36:32 +0200 From: Heinrich Schuchardt User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0.12) Gecko/20130116 Icedove/10.0.12 MIME-Version: 1.0 To: submit@bugs.x2go.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-Y-GMX-Trusted: 0 Package: x2goclient Version: 4.0.0.3 Severity: normal Dear maintainer, from time to time the SSH key used for identification by a X2GO server may change. When trying to connect the server a pop up is shown: "Anmeldung fehlgeschlagen" "Host-Key des Servers hat sich geändert Er lautet jetzt: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 Aus Sicherheitsgründen wird die Verbindung abgebrochen" The user is left puzzled with what he should do next. There is no indication in which file there is a problem, e.g. ~/.ssh/known_hosts or %APPDATA%\ssh\known_hosts There is no indication which entry in this file is corrupted. Deleting file known_hosts is a bad idea because it may contain the keys for dozens of validated servers. There are examples of more informative output, e.g. from command line program ssh: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been changed. The fingerprint for the RSA key sent by the remote host is 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00. Please contact your system administrator. Add correct host key in /home/user/.ssh/known_hosts to get rid of this message. Offending RSA key in /home/user/.ssh/known_hosts:1 RSA host key for 10.0.0.5 has changed and you have requested strict checking. Host key verification failed. Here I can identify the filename: /home/user/.ssh/known_hosts and the line of the the entry: 1 Manual editing of known_hosts is now possible but not too good an idea because it is error prone. A good solution is what you see in PuTTY. A warning pop up is shown and you get the choice to update file known_hosts. Best regards Heinrich Schuchardt