Sigh...Mac error message...really???

[SkyHog]

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.

I get the error, and I understand why its presented (and how to fix it), but seriously....what am I, like 5 years old?

 

[flhrci]

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.

I get the error, and I understand why its presented (and how to fix it), but seriously....what am I, like 5 years old?

Is that something like a virus or what? If that is from the operating system, it seems a bit dumb.

David

 

[SkyHog]

Is that something like a virus or what?

David

Nope. Its a warning because I moved a VM to another host and then SSHed into it. Completely understandable error message, but its a little childish.

 

[denverpilot]

That is the standard warning message from OpenSSH on all platforms. Not just a Mac.

 

[denverpilot]

I should have finished that thought...

The folks who write OpenSSH are brilliant but not exactly high on the social skills food chain.

Many years of watching Theo de Raat **** various people off brings me to this conclusion.

OpenSSH "correctly" implements key checking, but how many people properly move the keys via trusted media between machines instead of letting OpenSSH do it at first connect, or even check that someone didnt do a man-in-the-middle of the initial key exchange? Probably less than 5%.

 

[flyingcheesehead]

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.

I get the error, and I understand why its presented (and how to fix it), but seriously....what am I, like 5 years old?

I was gonna say, where the hell did you see that? Sure doesn't look like a "Mac" error to me... But Nate solved the mystery way too quickly:

That is the standard warning message from OpenSSH on all platforms. Not just a Mac.

So it's not a "Mac error" at all. Nice try, though.

 

[SCCutler]

As I believe we all know, Macs do not have errors; only their users.

 

[denverpilot]

I wasn't making any Mac vs. Windows vs. anything else comments. Only that this same error will come up when the host key in your local directory for your user doesn't match the host key stored the last time you went to that machine.

Usually it happens when the machine is reloaded, or moved to a new virtual, or... anything that makes SSH on the other side have a new private key.

The "fix" is easy - go into the local cache file and remove the entry line for that machine. It's cut off in the example above, but it tells you the file/location of your local cache file. vi <filename> ... down to the line for that machine, dd, :wq!, done.

Standard UNIX OpenSSH admin stuff here. Nothing Mac about it, other than Mac's run on a flavor of BSD, kinda...

For a longer-term solution -- when setting up a new Unix system, create SSH keypair during the install, copy the public key to your local machine, use keypair access only, and turn off password login support.

That'd be "normal" keypair use in a production Unix environment.

But that's a bit "hardcore" for the average non-production system SSH user.

No "Mac attitude" from me here on this one. This is just basic OpenSSH usage stuff. The wording of the error itself comes from the OpenSSH folks, not Apple, not HP (HP-UX), not IBM (AIX), not Oracle/Sun (Solaris), etc etc etc... it's the same error on all platforms that rely on OpenSSH upstream unless the vendor decided to repackage OpenSSH and change all the error messages, and that'd be crazy, since all the books, websites, and other references would have this error message in them... since OpenSSH began.

I first saw this error message sometime around 1991 or so, I suppose. Long ago enough that I don't remember. Don't think I needed the O'Reilly book on OpenSSH to figure this one out.... needed the book back then to figure out how to build keystores for multiple admins using key-based logins without passwords though.

Some tools have come along since then that make that part a little easier... but it's still pretty hokey. Most of the other methods of user authentication are worse than just managing your key cache...

 

[jesse]

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.

I get the error, and I understand why its presented (and how to fix it), but seriously....what am I, like 5 years old?

Not a mac error. That's a pretty standard OpenSSH error and you'll see it on pretty much every platform if you connect to a host name that once had a different public key.

It has nothing to do with moving a virtual machine. It happens because the public key changed on a hostname you've previously connected to which is often an indicator of something very bad. Even with that error most people still don't take it seriously and think through why the public key changed.

Take a look at your ~/.ssh directory. There will be a known_hosts file in there which is the cache for host name / public key strings.

Once again just moving a VM wouldn't do it. An example that would:
1.) ssh -l root nickserver1 .. and connect successfully
2.) shut down nickserver1 . bring up new server as nickserver1 which would have a new public key
3.) ssh -l root nickserver1 .. you'd get that error.

 

[SkyHog]

Not a mac error. That's a pretty standard OpenSSH error and you'll see it on pretty much every platform if you connect to a host name that once had a different public key.

It has nothing to do with moving a virtual machine. It happens because the public key changed on a hostname you've previously connected to which is often an indicator of something very bad. Even with that error most people still don't take it seriously and think through why the public key changed.

Take a look at your ~/.ssh directory. There will be a known_hosts file in there which is the cache for host name / public key strings.

Once again just moving a VM wouldn't do it. An example that would:
1.) ssh -l root nickserver1 .. and connect successfully
2.) shut down nickserver1 . bring up new server as nickserver1 which would have a new public key
3.) ssh -l root nickserver1 .. you'd get that error.

It was an easy fix, just had to store the new key (I don't generally allow ssh to create the keys for me, although in my internal network, often I do). What happened here was moving a VM from one host to another, and standing up a different VM with the same host name on the old host.

Not a big deal, easy solution, it was the error message that boggled my mind. "SOMEONE IS DOING SOMETHING NASTY!!!" screams lame.

 

[PittsDriver]

Not a big deal, easy solution, it was the error message that boggled my mind. "SOMEONE IS DOING SOMETHING NASTY!!!" screams lame.

I'm sure the guys that wrote the original BSD Unix got "LAME" screamed at them many times. Good thing they didn't care what people (girls specifically) thought of them or we might all have no choice but to use a Microsoft based OS.