Security Maintenance (SSH Key Change and Fixes)

What is this?
July 19, 2013 – This is just a heads-up for everyone that you will likely see a key change warning the next time you log in in with your shell user. This is not a cause for concern as it's the result of security maintenance which we are performing to prevent exploitation of weak or outdated keys (the maintenance should completed in the next 24 hours). The resulting warning will look like this, but will show your user and the server key which we have removed from the following example:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is REMOVED FOR SECURITY REASONS Please contact your system administrator. Add correct host key in /home/USER/.ssh/known_hosts to get rid of this message. Offending key in /home/USER/.ssh/known_hosts:10278 Password authentication is disabled to avoid man-in-the-middle attacks. Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.

–

What should I do?
To get rid of the warning, there are three methods. Please keep in mind that the modification to fix this needs to be performed on the client side, so if you are getting this connecting from home/work, you must update that computer.


 * Method One- Delete your entire known_hosts file if you have several hosts in need of updating. On first login, it will confirm the new key.
 * Method Two- Run in your shell a command such as.
 * Method Three- Edit the known_hosts file. In the above case, open the file  in the preferred text editor, and remove the problem line.

The error message lists the line number; it can be found after the file name in the error. In the above example, the line number would be 10,278. If you are using the “vi” editor, you can type “:10278″ without quotes to get to that line, then hit the “d” key twice to delete it. Other editors should have similar features to assist you in removing the line of text.

This should fix it, but please let our support team know if you have any questions or concerns. Thank you again for choosing DreamHost!

If you need further help
You can view some helpful information on how to fix an offending key.

Additional resources:


 * Using ssh-agent with ssh
 * The OpenSSH Project
 * SSH entry at Wikipedia
 * An A-Z Index of Linux BASH commands at Simon Sheppard's website
 * SSH
 * Shell
 * Shell Commands
 * Enabling Shell Access