|
On 11/12/2013 07:47 AM, Miroslav Suchý
wrote:
2) if you know that some machines change fingerprint and you
*trust it* you can do:
~/.ssh/config:
Host 192.168.1.1
UserKnownHostsFile /dev/null
It always bugged me that the choice was to either disable or
manually edit an obscure file, so I was happy to find that you can
delete stale entries from commandline:
ssh-keygen -R hostname
Admittedly, this is pretty obscure and I think it would be a better
idea if SSH directly allowed an override, perhaps like this:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
23:00:21:33:d4:0f:95:f1:eb:34:b2:57:cf:3f:2c:e7.
If you think it's safe to override this check, you can connect
this time [o] or delete the current host key before connecting [O]:
|
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
