Sometimes you'll encounter an error message when trying to tunnel to a certain hutch machine using SSH. The following error message is displayed after your tunneled connection is refused:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
This is one of the simple ways to get rid of the problem if the host key has changed (as mentioned in the bottom line of the error message; very very common).
Before you start, note which machine and username you were using when you encountered the issue, and also note the machine to which you were trying to tunnel. (Note that if you see this problem when trying to use VNC to view a remote Windows laptop or oscilloscope (etc.), the VNC runs on mec-daq
, so the error comes from trying to tunnel to mec-daq
.)
efcunn
from mec-laser
to mec-hutch02
, then you would log in as efcunn on mec-laser
.cd ~/.ssh
ls
as I've shown above) is a file called known_hosts
. Inside this file, there are many lines of authentication gibberish for each machine to which you've tunneled previously. The problem above arises when something about the machine/connection changes so that the authentication gibberish doesn't match anymore. The error is thrown because this authentication mismatch could be symptomatic of a "man-in-the-middle" attack where someone pretends to be the machine you're trying to access for the purposes of eavesdropping on your communication.... or something like that (full disclaimer: I'm just a laser guy).known_hosts
using your favorite text editor – vim, emacs, gedit, etc. For example, this can be done by typing gedit known_hosts &
mec-hutch02
, then you would look for mec-hutch02
. (Note again, if you has seen this error while trying to use VNC, then you would look for mec-daq
(as of January 2022).)Related articles appear here based on the labels you select. Click to edit the macro and add or change labels.
|