[Wylug-help] SSH help requested

Anne Wilson cannewilson at googlemail.com
Sun Jan 1 12:40:47 UTC 2012 

On 01/01/2012 11:30 AM, John Craven wrote:
> I don't understand why you think that line 3 is not the problem. 
> Quote from previous mail:
> 
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @
> WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @ 
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS
> POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be
> eavesdropping on you right now (man-in-the-middle attack)! It is also
> possible that the RSA host key has just been changed. The fingerprint
> for the RSA key sent by the remote host is 
> df:df:a2:17:c3:f3:f4:8c:c5:e2:e3:83:ae:51:78:b3. Please contact your
> system administrator. Add correct host key in
> /home/anne/.ssh/known_hosts to get rid of this message. *_Offending
> key in /home/anne/.ssh/known_hosts:3_* RSA host key for 192.168.0.40
> has changed and you have requested strict checking. Host key
> verification failed.
> 
> It clearly states here that line 3 is the problem.
> 
> I'm wandering if you are editing the right file. I have had this
> message many times when changing a server. The file that you need to
> edit is on your netbook i.e. your 'sending' computer.
> 
> Just delete line 3. It should have the receiving ip number at the 
> begining of the line followed by the auth. key All you need to do is
> delete that line and save the file. Do not replace the line with
> anything else. Just save the file.
> 
> Then you ssh to your new server. You will then be asked for
> confirmation. Type 'yes' That will then add the necessary line to
> your **/home/anne/.ssh/known_hosts** file.
> 
> Hope this makes it clearer than my previous post.
> 
John, you're a star.  It wasn't that I was editing the wrong file, but
you got me onto the right path.

Because my memory is unreliable I always refer back to a how-to when
doing anything like this.  All how-tos say something like "then copy
your public key to the known-hosts file" - can't remember the wording.
Anyway, I literally did that.  After reading this message, I renamed the
known-hosts file, and created a clean, empty file.  I then did as you
said - made the ssh connection, gave my local password, then the
keychain password, and got a connection.  Fired with enthusiasm :-) I
decided to do the same again for external access, so I gave my external
ip, the port forwarded number, and got a connection again.  Finally, I
did the same giving a second open port to be forwarded and got a
connection to this laptop.  I now have any and every connection I might
need while away from home.

Why do I always try to do it the hard way?  :-D

Thanks again

Anne
-- 
Need KDE help?  Try
http://userbase.kde.org or
Http://forum.kde.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.lug.org.uk/pipermail/wylug-help/attachments/20120101/c552553a/attachment.pgp>

More information about the Wylug-help mailing list