[SAC] secure/ldap host ssh key changed
Sandro Santilli
strk at kbt.io
Mon Aug 8 10:05:17 PDT 2016
Figured, sorry for the noise. The man in the middle was myself,
as I had pointed ldap.osgeo.org to the local host in the past,
to implement tunnel based LDAP authentication.
--strk;
On Mon, Aug 08, 2016 at 07:03:31PM +0200, Sandro Santilli wrote:
> On Mon, Aug 08, 2016 at 07:01:40PM +0200, Sandro Santilli wrote:
> > Upon attempting to connect to ldap.osgeo.org (aka secure.osgeo.org)
> > I got an ssh warning:
> >
> > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> > @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
> > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> > IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> > Someone could be eavesdropping on you right now (man-in-the-middle
> > attack)!
> > It is also possible that a host key has just been changed.
> > The fingerprint for the RSA key sent by the remote host is
> > 0d:08:e9:f0:da:e2:dc:d1:1f:c6:90:31:4f:e6:78:ed.
> >
> > Was is done intentionally ? Can anyone confirm the fingerprint
> > in an independent way (should we keep that fingerprint somewhere
> > else for reference ?)
>
> For the record: connecting from the "tracsvn" machine reports
> that the RSA key fingerprint is
> a7:05:f6:a5:02:ec:92:73:4a:0a:12:16:4c:11:e1:1c.
>
> --strk;
More information about the Sac
mailing list