ssh: remote host identification has changed...not really

Thufir hawat.thufir at gmail.com
Sun Mar 8 05:41:01 UTC 2015 

On Fri, 27 Feb 2015 10:13:08 +0100, Petter Adsen wrote:

> On Fri, 27 Feb 2015 09:00:14 +0000 (UTC)
> Thufir <hawat.thufir at gmail.com> wrote:
> 
>> I'm getting the following warning:
>> 
>> 
>> thufir at doge:~$
>> thufir at doge:~$ ssh thufir at 192.168.1.2
>> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
>> @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
>> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
>> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
>> Someone could be eavesdropping on you right now (man-in-the-middle
>> attack)!
>> It is also possible that a host key has just been changed.
>> The fingerprint for the ECDSA key sent by the remote host is
>> 59:51:45:14:9f:0b:43:a2:0c:80:ea:55:35:55:20:ce.
>> Please contact your system administrator.
>> Add correct host key in /home/thufir/.ssh/known_hosts to get rid of
>> this message.
>> Offending RSA key in /home/thufir/.ssh/known_hosts:9
>>   remove with: ssh-keygen -f "/home/thufir/.ssh/known_hosts" -R
>> 192.168.1.2 ECDSA host key for 192.168.1.2 has changed and you have
>> requested strict checking.
>> Host key verification failed.
>> thufir at doge:~$
>> 
>> 
>> but it's almost certainly erroneous.  I have two boxes, tleilax and
>> doge on the LAN.  They use static ip addresses to keep everything
>> simple for me (the router assigns ip addresses based on MAC address).
>> 
>> Both pc's are dual boot:  ubuntu and opensuse.
>> 
>> In this case, it's ubuntu to ubuntu, above.  The warning is due to
>> previous connections were to tleilax when tleilax was running opensuse.
>> 
>> 
>> 
>> I'd like to keep the FQDN for the boxes as they are.  On tleilax,
>> regardless of whether it's ubuntu or opensuse, it has the same fqdn.
>> After all, it can't run both os's concurrently!
>> 
>> 
>> 
>> Am I going to keep getting these warnings, each time I connect with a
>> different configuration?  The next time I connect from doge to tleilax,
>> if tleilax is booted into opensuses, then I'll get a warning message!?
>> 
>> 
>> I kind of like keeping the FQDN tied to, in a way, the MAC address --
>> or at least the physical hardware.  Does this create problems, however?
> 
> Why not copy the host keys from one OS to the other, so that both OS's
> on the same machine have the same host keys?
> 
> Petter


When I copy the host keys, host means the machine I'm connecting to?  I'm 
connecting from doge to tleilax, so doge is the client and tlielax the 
server, right?  By host, that means server?  Making the host..tleilax?


thanks,

Thufir

More information about the ubuntu-users mailing list