1 | | = I'm getting a scary message when I try to login to my account using secure shell or secure FTP = |
2 | | |
3 | | When you try to [wiki:secure_shell secure shell] (ssh) or [wiki:sftp secure FTP] to our servers, you may get a message along the lines of: |
4 | | |
5 | | {{{ |
6 | | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ |
7 | | @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ |
8 | | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ |
9 | | IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! |
10 | | Someone could be eavesdropping on you right now (man-in-the-middle attack)! |
11 | | It is also possible that the RSA host key has just been changed. |
12 | | }}} |
13 | | |
14 | | The reason you may be getting this message is because May First/People Link has changed the "host keys" for most of our servers due to a [http://wiki.debian.org/SSLkeys security problem] discovered in the program used to generate the keys. |
15 | | |
16 | | To find out the correct, current "fingerprint" of our servers, please see our [wiki:fingerprints fingerprints] page. |
17 | | |
18 | | == Making the error message go away == |
19 | | |
20 | | === Using linux === |
21 | | |
22 | | You will need to edit your ~/.ssh/known_hosts file. The error message should specify the line number of the "offending" key. Simply delete that line in the file and try again. |
23 | | |
24 | | === Using Windows === |
25 | | |
26 | | You should see the new fingerprint. [wiki:fingerprints Confirm that it is correct] and then select the option to save this key permanently. |
27 | | The "host keys" are random bits of text that are unique to every server. The randomness of the keys allows us to have a secure, encrypted connection between you and the server. |
28 | | |
29 | | === Using Macintosh === |
30 | | |
| 1 | [wiki:ssl_host_key_changed This page has been renamed]. |