Can we have better ssh fingerprint collision messages?
David Howells
dhowells at redhat.com
Mon Nov 11 22:38:09 UTC 2013
valent.turkovic at gmail.com <valent.turkovic at gmail.com> wrote:
> I really enjoy working with ssh on Ubuntu just for this simple reason,
> they have user friendly ssh fingerprint collision messages:
>
> $ ssh root at 192.168.1.1
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> Someone could be eavesdropping on you right now (man-in-the-middle attack)!
> It is also possible that a host key has just been changed.
> The fingerprint for the RSA key sent by the remote host is
> c0:3b:b2:60:a6:e2:5e:97:aa:ae:ec:d2:ca:ba:27:1b.
> Please contact your system administrator.
> Add correct host key in /home/valent/.ssh/known_hosts to get rid of
> this message.
> Offending RSA key in /home/valent/.ssh/known_hosts:8
>
>
> I really miss this feature when I return back to Fedora.
> How hard would be to make this behavior default for Fedora also?
I see the message with Fedora.
David
More information about the devel
mailing list