Changes between Version 17 and Version 18 of ssl_host_key_changed


Ignore:
Timestamp:
May 15, 2008, 4:01:02 PM (17 years ago)
Author:
Jamie McClelland
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • ssl_host_key_changed

    v17 v18  
    6767
    6868=== Using Macintosh ===
    69 Similarly to Linux, you will need to edit your ~/.ssh/known_hosts file. The error message will specify the line number of the "offending" key; for example,
     69
     70Depending on what software you use to connect to our servers, you will see messages like the following:
     71
     72Command line/terminal ssh or sftp:
    7073
    7174{{{
     
    7376}}}
    7477
    75 Here, 26 is the line number of the "offending" key. Edit ~/.ssh/known_hosts and delete the line. To do this using the vim text editor, type the following at the prompt in Terminal:
     78Fugo:
    7679
    7780{{{
    78 vi ~/.ssh/known_hosts
     81Warning: Remote host identification has changed
    7982}}}
    8083
    81 When the file opens, type
     84Cyberduck appears to not generate a message - it just fails to connect.
    8285
     86Unfortunately, none of these programs have an automatic way to fix the bad key.
     87
     88==== Fixing the Problem ====
     89
     90There are two ways to fix the problem in the Macintosh.
     91
     92The first way (via the command line) is more difficult, however, it is more precise, fixing just the key that is broken. The second way (removing entire known_hosts file) is much easier for the novice user, however, it removes all of your "known hosts." If you use this method, you will be prompted to accept the host keys for all servers you connect to in the future (including non May First/People Link servers).
     93
     94===== Command line =====
     95
     96This method applies if you are comfortable using the Mac terminal program.
     97
     98You will need to edit your ~/.ssh/known_hosts file. The error message should specify the line number of the "offending" key. Simply delete that line in the file and try again.
     99
     100For example, if you were trying to connect to `mandela.mayfirst.org`, you can remove the offending key via the command line with:
    83101{{{
    84 :26
     102ssh-keygen -R mandela.mayfirst.org
    85103}}}
    86104
    87 replacing "26" with your offending line number to jump to that line in the file. The name or IP address of the server you were trying to connect to should appear at the beginning of this line. Type
     105==== Using Finder ====
    88106
     107 * From Finder, select Go -> Go to folder...
     108 * Type:
    89109{{{
    90 dd
     110.ssh
    91111}}}
    92 
    93 to delete the line, then type
    94 
    95 {{{
    96 :wq
    97 }}}
    98 
    99 to save your changes and quit. Then, try to connect to the server again. You'll likely get a message saying that the authenticity of the host cannot be established; type "yes" to continue connecting and the new host key will be saved into your known_hosts file.
     112 * You should see a folder open with a file called known_hosts. Drag that file to the trash
     113 * ''''Warning'''': this will remove all the known_hosts from your computer. The next time you use a program to connect to a secure server, you will need to re-verify the host key. This will apply to all servers you connect to, not just the May First/People Link servers.
    100114
    101115