[Nix-dev] Why did my SSH host keys change?
James Cook
james.cook at utoronto.ca
Tue Aug 4 20:32:35 CEST 2015
Over the past couple of weeks I updated two of my NixOS computers on
the unstable branch. In each case, the SSH ED25519 key fingerprint
changed, prompting the message below when I tried to ssh in from other
computers. Any idea what could have caused this?
(I verified manually that I'm probably not being MITMd, i.e. the newly
presented key fingerprint matched /etc/ssh/ssh_host_ed25519_key.pub's
fingerprint.)
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ED25519 key sent by the remote host is
d0:fa:62:4e:78:90:53:1a:45:ea:d4:6a:09:ac:98:28.
Please contact your system administrator.
Add correct host key in /home/james/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/james/.ssh/known_hosts:102
remove with: ssh-keygen -f "/home/james/.ssh/known_hosts" -R ostrich
ED25519 host key for ostrich has changed and you have requested strict checking.
Host key verification failed.
More information about the nix-dev
mailing list