savannah-hackers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-hackers] Savannah SSH key changed?

From: Hugo Gayosso
Subject: Re: [Savannah-hackers] Savannah SSH key changed?
Date: 06 Jan 2004 20:49:37 -0500
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jason Rumney <address@hidden> writes:

> When attempting to check in some changes just now, I received the
> following message.
> 
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> The RSA host key for cvs.gnu.org has changed,
> and the key for the according IP address 199.232.41.3
> is unknown. This could either mean that
> DNS SPOOFING is happening or the IP address for the host
> and its host key have changed at the same time.
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ 
> @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @ 
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ 
> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! 
> Someone could be eavesdropping on you right now (man-in-the-middle attack)! 
> It is also possible that the RSA host key has just been changed. 
> The fingerprint for the RSA key sent by the remote host is 
> 80:5a:b0:0c:ec:93:66:29:49:7e:04:2b:fd:ba:2c:d5. 

According to the announcement at:
https://savannah.gnu.org/forum/forum.php?forum_id=2752

That fingerprint is correct, quoting from the announcement:

" (3) The host SSH keys for savannah.gnu.org, savannah.nongnu.org,
subversions.gnu.org, etc. have changed. They are as follows:

DSA 1024 4d:c8:dc:9a:99:96:ae:cc:ce:d3:2b:b0:a3:a4:95:a5
RSA 1024 80:5a:b0:0c:ec:93:66:29:49:7e:04:2b:fd:ba:2c:d5

You will prompted for these the first time you use SSH to connect.  If
you have older keys stored in your known_hosts file, you may get a
message that says there is a "nasty problem". If so, remove the
offending entry from your ~/.ssh/known_hosts, and reconnect. SSH will
prompt you to authenticate anew with one of the keys above. "


Greetings,
- -- 
Hugo Gayosso
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/+2WxMNObVRBZveYRAjGWAJ0Qr4cx9lNio1uRj/EozJLWPEw0pgCffEZm
YY9KVsfW9l1tN9efp7Sk86k=
=HDPy
-----END PGP SIGNATURE-----
reply via email to
[Prev in Thread] Current Thread [Next in Thread]