Ssh Keys Hostname VS Fqdn – Offends?


Hi guys

Though I am a mere user, as opposed to an expert, in my many long years of using SSH this is new:

-> $ ssh box5.proxmox.mine hostname -i
10.3.1.78

-> $ ssh box5 hostname -i
Warning: the RSA host key for 'box5' differs from the key for the IP address '10.3.1.78'
Offending key for IP in /root/.ssh/known_hosts:2
Matching host key in /etc/ssh/ssh_known_hosts:2
Are you sure you want to continue connecting (yes/no)? yes
10.3.1.78

This is one and the same host I _ssh_ to. Is this purely _ssh_, and would the way to fix it be
‘configuration’, or perhaps (ssh &) something else?
I don’t quite get what exactly is happening here.

many thanks, L.

3 thoughts on - Ssh Keys Hostname VS Fqdn – Offends?

  • When you create a new SSH host (i.e., run sshd) for the first time, a host key is created that uniquely identifies the host. When a client connects to that host for the first time, it caches that key in its ssh_known_hosts file. It’s just a line of text with the host name (or IP address if no name) and its key. If the client later connects and discovers a different key, that’s a clue that someone is trying to scam you and pretend to be that trusted host. If you know the host is OK, then something changed its key. The simple fix for that is to remove any lines in ssh_known_hosts for that host and let the client re-learn the new key. But be sure you’re really connecting to the host you think you’re connecting to. On a corporate network, an evil machine might be using ARP spoofing to pretend to be the IP you want.

  • You can make use of ssh-keygen and ssh-keyscan (man is your friend in this endeavor) to help make sense of what’s in your known_hosts file.
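An added example, not part of the original thread: a Python sketch that reads known_hosts-style text and reports where a host name and its IP address carry different keys of the same type, which is the condition the warning in the question describes. It also matches hashed entries (`|1|salt|hash`, an HMAC-SHA1 of the host name keyed with the salt). The function names, the key blobs and the file contents are constructed for illustration; only the two file paths, the names and the IP come from the post.

```python
import base64, hashlib, hmac

def fingerprint(blob_b64):
    """SHA256 fingerprint in the form `ssh-keygen -l` prints."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def pattern_matches(pattern, host):
    """Match a plain or hashed (|1|salt|hash) host field; no wildcards."""
    if pattern.startswith("|1|"):
        _, _, salt, want = pattern.split("|")
        mac = hmac.new(base64.b64decode(salt), host.encode(), hashlib.sha1)
        return hmac.compare_digest(mac.digest(), base64.b64decode(want))
    return pattern == host

def entries_for(host, files):
    """Yield (path, lineno, keytype, fingerprint) for lines naming host."""
    for path, text in files.items():
        for lineno, line in enumerate(text.splitlines(), 1):
            fields = line.split()
            if len(fields) < 3 or fields[0].startswith(("#", "@")):
                continue  # blank, comment, @marker or short line
            patterns, keytype, blob_b64 = fields[:3]
            if any(pattern_matches(p, host) for p in patterns.split(",")):
                yield path, lineno, keytype, fingerprint(blob_b64)

def name_ip_conflicts(name, ip, files):
    """Entry pairs where name and ip hold different keys of one type."""
    return [(n, i) for n in entries_for(name, files)
            for i in entries_for(ip, files)
            if n[2] == i[2] and n[3] != i[3]]

# Constructed sample data: stand-in key blobs, not real host keys.
def blob(tag):
    return base64.b64encode(tag).decode()

def hashed(host, salt=b"constructed-salt-20b"):
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (blob(salt), blob(mac))

SAMPLE = {
    "/root/.ssh/known_hosts": "\n".join([
        "box5.proxmox.mine ssh-rsa " + blob(b"key-current"),
        hashed("10.3.1.78") + " ssh-rsa " + blob(b"key-old")]),
    "/etc/ssh/ssh_known_hosts": "\n".join([
        "# constructed system-wide file",
        "box5 ssh-rsa " + blob(b"key-current")]),
}
for n, i in name_ip_conflicts("box5", "10.3.1.78", SAMPLE):
    print("name entry", n, "differs from IP entry", i)
```

To run it against real files, pass a dict of path to file contents in place of `SAMPLE`; compare the reported fingerprints with the server's own host key over a trusted channel before removing any line.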