You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@karaf.apache.org by Caspar MacRae <ea...@gmail.com> on 2011/12/02 16:59:57 UTC
host.key
Hello,
When trying to SSH into a fresh copy of a custom distro I keep getting the
error message that the DSA key for that host has changed.
The host.key files from our custom distro are marked read-only and checking
timestamps before and after, also a diff shows no difference. So what am
doing wrong/missing that is causing the SSHd to send out a different key?
Our custom distro builds for different servers with each having separate
properties and a host.key file, but other than that it just contains a
blueprint ldap jaas module, jce provider (bouncy castle), branding, altered
mvn repo urls and features.
thanks,
Caspar
Re: host.key
Posted by Caspar MacRae <ea...@gmail.com>.
Hi JB,
I was doing something stupid; in the assembly.xml I had
<lineEnding>unix</lineEnding> which was mangling the host.key file.
Initially this was causing a new key to be generated only on first run, but
I later compounded the problem by setting it read-only
<fileMode>0444</fileMode> which helped identify the problem as I then got
the warning message with every reboot and attempted login (as the new key
was being generated on each run).
(The message is the normal warning when a host key changes, the same thing
I get when a server is reinstalled: WARNING: REMOTE HOST IDENTIFICATION HAS
CHANGED! ... IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! possible
man-in-the-middle attack ...)
Best regards,
Caspar
On 2 December 2011 16:21, Jean-Baptiste Onofré <jb...@nanthrax.net> wrote:
> Hi Caspar,
>
> what's the message exactly ?
>
> If you have a warning on the DSA key, it could be cause by a change on the
> listening IP address, etc.
>
> Thanks,
> Regards
> JB
>
>
> On 12/02/2011 04:59 PM, Caspar MacRae wrote:
>
>>
>> Hello,
>>
>> When trying to SSH into a fresh copy of a custom distro I keep getting
>> the error message that the DSA key for that host has changed.
>>
>> The host.key files from our custom distro are marked read-only and
>> checking timestamps before and after, also a diff shows no difference.
>> So what am doing wrong/missing that is causing the SSHd to send out a
>> different key?
>>
>> Our custom distro builds for different servers with each having separate
>> properties and a host.key file, but other than that it just contains a
>> blueprint ldap jaas module, jce provider (bouncy castle), branding,
>> altered mvn repo urls and features.
>>
>>
>> thanks,
>> Caspar
>>
>
> --
> Jean-Baptiste Onofré
> jbonofre@apache.org
> http://blog.nanthrax.net
> Talend - http://www.talend.com
>
Re: host.key
Posted by Jean-Baptiste Onofré <jb...@nanthrax.net>.
Hi Caspar,
what's the message exactly ?
If you have a warning on the DSA key, it could be cause by a change on
the listening IP address, etc.
Thanks,
Regards
JB
On 12/02/2011 04:59 PM, Caspar MacRae wrote:
>
> Hello,
>
> When trying to SSH into a fresh copy of a custom distro I keep getting
> the error message that the DSA key for that host has changed.
>
> The host.key files from our custom distro are marked read-only and
> checking timestamps before and after, also a diff shows no difference.
> So what am doing wrong/missing that is causing the SSHd to send out a
> different key?
>
> Our custom distro builds for different servers with each having separate
> properties and a host.key file, but other than that it just contains a
> blueprint ldap jaas module, jce provider (bouncy castle), branding,
> altered mvn repo urls and features.
>
>
> thanks,
> Caspar
--
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com