| 1 | | = I'm getting a scary message when I try to login to my account using secure shell or secure FTP = |
| 2 | | |
| 3 | | When you try to [wiki:secure_shell secure shell] (ssh) or [wiki:sftp secure FTP] to our servers, you may get a message along the lines of: |
| 4 | | |
| 5 | | {{{ |
| 6 | | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ |
| 7 | | @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ |
| 8 | | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ |
| 9 | | IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! |
| 10 | | Someone could be eavesdropping on you right now (man-in-the-middle attack)! |
| 11 | | It is also possible that the RSA host key has just been changed. |
| 12 | | }}} |
| 13 | | |
| 14 | | The reason you may be getting this message is because May First/People Link has changed the "host keys" for most of our servers due to a [http://wiki.debian.org/SSLkeys security problem] discovered in the program used to generate the keys. |
| 15 | | |
| 16 | | To find out the correct, current "fingerprint" of our servers, please see our [wiki:fingerprints fingerprints] page. |
| 17 | | |
| 18 | | == Making the error message go away == |
| 19 | | |
| 20 | | === Using linux === |
| 21 | | |
| 22 | | You will need to edit your ~/.ssh/known_hosts file. The error message should specify the line number of the "offending" key. Simply delete that line in the file and try again. |
| 23 | | |
| 24 | | === Using Windows === |
| 25 | | |
| 26 | | You should see the new fingerprint. [wiki:fingerprints Confirm that it is correct] and then select the option to save this key permanently. |
| 27 | | The "host keys" are random bits of text that are unique to every server. The randomness of the keys allows us to have a secure, encrypted connection between you and the server. |
| 28 | | |
| 29 | | === Using Macintosh === |
| 30 | | |
| | 1 | [wiki:ssl_host_key_changed This page has been renamed]. |
