Hi,
ssh'ing to yarrow gives:
| [tim@passepartout ~]$ ssh yarrow.toolserver.org | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @ | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | The RSA host key for yarrow.toolserver.org has changed, | and the key for the corresponding IP address 91.198.174.216 | is unknown. This could either mean that | DNS SPOOFING is happening or the IP address for the host | and its host key have changed at the same time. | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! | Someone could be eavesdropping on you right now (man-in-the-middle attack)! | It is also possible that a host key has just been changed. | The fingerprint for the RSA key sent by the remote host is | 59:3d:de:62:07:44:f2:f3:b0:e1:6d:a8:d2:7e:7e:af. | Please contact your system administrator. | Add correct host key in /home/tim/.ssh/known_hosts2 to get rid of this message. | Offending DSA key in /home/tim/.ssh/known_hosts2:1 | RSA host key for yarrow.toolserver.org has changed and you have requested strict checking. | This is the Wikimedia Toolserver. | [...]
Was this intentional?
Tim
On 13 January 2013 21:51, Tim Landscheidt tim@tim-landscheidt.de wrote:
ssh'ing to yarrow gives:
| [tim@passepartout ~]$ ssh yarrow.toolserver.org | The RSA host key for yarrow.toolserver.org has changed, | and the key for the corresponding IP address 91.198.174.216 | is unknown.
| The fingerprint for the RSA key sent by the remote host is | 59:3d:de:62:07:44:f2:f3:b0:e1:6d:a8:d2:7e:7e:af.
Was this intentional?
Yarrow was used as name for at least one other server before the current login server. This one was installed recently (july), and your host keys might be older (and thus correspond to the wrong server).
Merlijn
Merlijn van Deen valhallasw@arctus.nl wrote:
ssh'ing to yarrow gives:
| [tim@passepartout ~]$ ssh yarrow.toolserver.org | The RSA host key for yarrow.toolserver.org has changed, | and the key for the corresponding IP address 91.198.174.216 | is unknown.
| The fingerprint for the RSA key sent by the remote host is | 59:3d:de:62:07:44:f2:f3:b0:e1:6d:a8:d2:7e:7e:af.
Was this intentional?
Yarrow was used as name for at least one other server before the current login server. This one was installed recently (july), and your host keys might be older (and thus correspond to the wrong server).
No, I use yarrow regularly and the behaviour changed this weekend. After comparing backups, the only change was a ~/.ssh/known_hosts2 with the contents:
| yarrow.toolserver.org ssh-dss [...]==
After removing this file, ssh ceased to complain.
I played around with Net::SSH::Perl & Co. this weekend, and my assumption is that - as it doesn't work quote right :-) - it dumped an invalid key to this file which caused ssh to barf.
So: No RSA key changed on yarrow :-).
Tim
Yarrow's keys haven't changed for me.
On Sun, Jan 13, 2013 at 3:51 PM, Tim Landscheidt tim@tim-landscheidt.dewrote:
Hi,
ssh'ing to yarrow gives:
| [tim@passepartout ~]$ ssh yarrow.toolserver.org | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @ | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | The RSA host key for yarrow.toolserver.org has changed, | and the key for the corresponding IP address 91.198.174.216 | is unknown. This could either mean that | DNS SPOOFING is happening or the IP address for the host | and its host key have changed at the same time. | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! | Someone could be eavesdropping on you right now (man-in-the-middle attack)! | It is also possible that a host key has just been changed. | The fingerprint for the RSA key sent by the remote host is | 59:3d:de:62:07:44:f2:f3:b0:e1:6d:a8:d2:7e:7e:af. | Please contact your system administrator. | Add correct host key in /home/tim/.ssh/known_hosts2 to get rid of this message. | Offending DSA key in /home/tim/.ssh/known_hosts2:1 | RSA host key for yarrow.toolserver.org has changed and you have requested strict checking. | This is the Wikimedia Toolserver. | [...]
Was this intentional?
Tim
Toolserver-l mailing list (Toolserver-l@lists.wikimedia.org) https://lists.wikimedia.org/mailman/listinfo/toolserver-l Posting guidelines for this list: https://wiki.toolserver.org/view/Mailing_list_etiquette
According to https://fingerprints.toolserver.org/ , yarrow's RSA fingerprint is 59:3d:de:62:07:44:f2:f3:b0:e1:6d:a8:d2:7e:7e:af , which is what you're being sent. Presumably Merlijn van Deen is correct, and your known_hosts file is referring to the older server.
(Sorry for the double-reply, this only occurred to me after I sent the previous message.)
On Sun, Jan 13, 2013 at 4:06 PM, Wolfgang Faust wolfgangmcq@gmail.comwrote:
Yarrow's keys haven't changed for me.
On Sun, Jan 13, 2013 at 3:51 PM, Tim Landscheidt tim@tim-landscheidt.dewrote:
Hi,
ssh'ing to yarrow gives:
| [tim@passepartout ~]$ ssh yarrow.toolserver.org | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @ | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | The RSA host key for yarrow.toolserver.org has changed, | and the key for the corresponding IP address 91.198.174.216 | is unknown. This could either mean that | DNS SPOOFING is happening or the IP address for the host | and its host key have changed at the same time. | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! | Someone could be eavesdropping on you right now (man-in-the-middle attack)! | It is also possible that a host key has just been changed. | The fingerprint for the RSA key sent by the remote host is | 59:3d:de:62:07:44:f2:f3:b0:e1:6d:a8:d2:7e:7e:af. | Please contact your system administrator. | Add correct host key in /home/tim/.ssh/known_hosts2 to get rid of this message. | Offending DSA key in /home/tim/.ssh/known_hosts2:1 | RSA host key for yarrow.toolserver.org has changed and you have requested strict checking. | This is the Wikimedia Toolserver. | [...]
Was this intentional?
Tim
Toolserver-l mailing list (Toolserver-l@lists.wikimedia.org) https://lists.wikimedia.org/mailman/listinfo/toolserver-l Posting guidelines for this list: https://wiki.toolserver.org/view/Mailing_list_etiquette
-- This message has been encoded in 128ROT13 for security. If you are unable to view it, please consult an optometrist.
toolserver-l@lists.wikimedia.org