SSH Host keys

SSH Host Keys to change Thursday January 4 2018

In the meantime, use another algorithm instead: for example, to connect to min.ecn, you would use:
ssh -o HostKeyAlgorithms=ssh-dss  min.ecn.purdue.edu

ECN's servers will have their host keys updated Thursday January 4 2018.

The biggest problem is the ssh client software will see the change of host key as an error, showing a message such as:
 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
 
Because this is a client error, only the users can clear the error and continue. For programs like openssh, this would involve editing the ~/.ssh/known_hosts file. For programs like Putty or SecureCRT, the fix may be more involved.
 
For MacOS and Linux:
 
Open a terminal window on your local machine. 
cd into your .ssh directory
There, you can do one of three things:
ssh-keygen -R hostname   (If your known_host file is in a non-standard location, use [-f known_hosts_file]) 
OR edit/nano/pico known_hosts to remove the lines that pertain to the affected ECN hosts
OR completely remove known_hosts.
 
For Windows:
You are likely to get a prompt indicating that the host key has changed. If that’s the case, you're done. If you are refused the connection, you will have to navigate to one of these two locations and remove the affected host entry file:
Managed PCs: R:\AppData\VanDyke\Config\Known_hosts\
OR Self Managed PCs: C:\Users\<yourusername>\AppData\Roaming\VanDyke\Config\Known_hosts\
 
We will post updated fingerprints here.
 

Last modified: 2018/01/03 10:40:59.822511 US/Eastern by curtis.f.smith.1
Created: 2017/12/06 08:43:8.823416 US/Eastern by sundeep.rao.1.

Categories

Search

Type in a few keywords describing what information you are looking for in the text box below.

Admin Options: Edit this Document