Re: Problem in logging in freerunner through ssh
Hello, On Thu, Jul 17, 2008 at 11:11 PM, Stroller <[EMAIL PROTECTED]> wrote: > I keep the following command in my .bash_profile: > > alias ssg="ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/ > dev/null" Ah. That's very useful. Thanks for sharing! -- Regards Torfinn Ingolfsen ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Problem in logging in freerunner through ssh
I keep the following command in my .bash_profile: alias ssg="ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/ dev/null" I then `ssg` to hosts which are liable to have changing ssh keys. Joachim Steiger's suggestion, limiting relaxed HostKeyChecking to a single IP is less useful to me, because I most always have a machine or two on the network which are getting fresh or temporary o/s installs, or which receive dynamic addresses (and which consequently share the 192.168.1.100 - 192.168.1.102 range of addresses). His suggestion causes me to wonder if I should just disable HostKeyChecking for all addresses in 192.168.x.y, but the thought does pique my paranoia. Stroller. On 17 Jul 2008, at 20:26, Marcus Bauer wrote: > > Paul Bonser answered already with the fix. > > I'll add the reason: whenever you connect to an unknown system, you > are > asked if you want to accept the key like this: > > - > The authenticity of host '192.168.0.202 (192.168.0.202)' can't be > established. > RSA key fingerprint is d8:c1:d2:ac:e9:57:9f:ed:1d:ee:b3:fa:62:04:8c: > 6c. > Are you sure you want to continue connecting (yes/no)? > - > > and when you answer 'yes' the public key will be saved to your > ~/.ssh/known_hosts file. This prevents the so called > man-in-the-middle-attack. Search google or wikipedia for more details. > > If you reflash your phone, the public key changes (it is unique and > generated on the first boot) and your ssh believes there is an attack. > Somewhere on the wiki is a description how to shut this behaviour off, > but I hope nobody will ever inactivate this vigilance. > ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Problem in logging in freerunner through ssh
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Somebody in the thread at some point said: |> My local network is 192.168.0.0/24, so it makes a problem to route to |> Freerunner default IP... I use this script as root on my Fedora host |> laptop to take care of assigning an IP and hst route and whenever I hook |> a Freerunner up | | why don't you simple change the ip? I have to work with random phones which ship like that :-) - -Andy -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkh/p5AACgkQOjLpvpq7dMovWwCcD+ywdfMGuwR30UywOivUp4ya 3psAn3bN5uc2RiGMm5LIpXWHFnSUSYkw =k3q/ -END PGP SIGNATURE- ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Problem in logging in freerunner through ssh
> My local network is 192.168.0.0/24, so it makes a problem to route to > Freerunner default IP... I use this script as root on my Fedora host > laptop to take care of assigning an IP and hst route and whenever I hook > a Freerunner up why don't you simple change the ip? ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Problem in logging in freerunner through ssh
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Somebody in the thread at some point said: | pay attention that if you ssh to that other computer you'll get the same | warning. | | note: 192.168.0.202 is IANA private use, so it's normal to have | duplicates of that IP among different | network My local network is 192.168.0.0/24, so it makes a problem to route to Freerunner default IP... I use this script as root on my Fedora host laptop to take care of assigning an IP and hst route and whenever I hook a Freerunner up #!/bin/sh while [ 1 ] ; do ~ sleep 5s ~ if [ ! -z "`ifconfig usb0`" ] ; then ~ if [ -z "`ifconfig usb0 | grep "inet addr"`" ] ; then ~ ifconfig usb0 192.168.0.200 ~ route add 192.168.0.202 usb0 ~ route del -net 192.168.0.0 netmask 255.255.255.0 usb0 ~ fi ~ fi done - -Andy -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkh/oxMACgkQOjLpvpq7dMqjCQCeOSkqqK3uX46zbVcrXyECJgZO 39cAnRmvEXzE+Bonil+Nb6+IwbBHt1mv =sSqR -END PGP SIGNATURE- ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Problem in logging in freerunner through ssh
> > Somewhere on the wiki is a description how to shut this > behaviour off, > but I hope nobody will ever inactivate this vigilance. > > Thanks for the explanation... > > Regards... > I have to add that Joachim Steigers suggestion is very okay too, as it only deactivates the key checking for one specific host - in this case your Neo. 'man ssh_config' gives you detailed information. ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Problem in logging in freerunner through ssh
On Fri, Jul 18, 2008 at 12:56 AM, Marcus Bauer <[EMAIL PROTECTED]> wrote: > > Paul Bonser answered already with the fix. yeah , it solved the problem. > > > I'll add the reason: whenever you connect to an unknown system, you are > asked if you want to accept the key like this: > > - > The authenticity of host '192.168.0.202 (192.168.0.202)' can't be > established. > RSA key fingerprint is d8:c1:d2:ac:e9:57:9f:ed:1d:ee:b3:fa:62:04:8c:6c. > Are you sure you want to continue connecting (yes/no)? > - > > and when you answer 'yes' the public key will be saved to your > ~/.ssh/known_hosts file. This prevents the so called > man-in-the-middle-attack. Search google or wikipedia for more details. > > If you reflash your phone, the public key changes (it is unique and > generated on the first boot) and your ssh believes there is an attack. > Somewhere on the wiki is a description how to shut this behaviour off, > but I hope nobody will ever inactivate this vigilance. > Thanks for the explanation... Regards... > HTH, best regards, > Marcus > > > > > On Fri, 2008-07-18 at 00:40 +0530, saurabh gupta wrote: > > Hi all, > > > > I followed the steps given in "Getting started with freerunner" on > > wiki to install the sample application in my free runner. I started > > the FR normally and then connect it through a usb cable. However > > after executing the command : > > sudo ifconfig usb0 192.168.0.200 netmask 255.255.255.0 > > when i executed "ssh [EMAIL PROTECTED]", the following error message > > occurred: > > > > > > @@@ > > @WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ > > @@@ > > IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! > > Someone could be eavesdropping on you right now (man-in-the-middle > > attack)! > > It is also possible that the RSA host key has just been changed. > > The fingerprint for the RSA key sent by the remote host is > > 37:a6:d4:f0:35:89:7c:6f:85:c4:9a:2f:31:c5:3f:35. > > Please contact your system administrator. > > Add correct host key in /home/saurabhg/.ssh/known_hosts to get rid of > > this message. > > Offending key in /home/saurabhg/.ssh/known_hosts:3 > > RSA host key for 192.168.0.202 has changed and you have requested > > strict checking. > > Host key verification failed. > > > > = > > > > Can anyone suggest me the problem and the solution to fix it. > > > > Thanks ... > > > > -- > > Saurabh Gupta > > Electronics and Communication Engg. > > > > > > ___ > > Openmoko community mailing list > > community@lists.openmoko.org > > http://lists.openmoko.org/mailman/listinfo/community > > > ___ > Openmoko community mailing list > community@lists.openmoko.org > http://lists.openmoko.org/mailman/listinfo/community > -- Saurabh Gupta Electronics and Communication Engg. ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Problem in logging in freerunner through ssh
Paul Bonser answered already with the fix. I'll add the reason: whenever you connect to an unknown system, you are asked if you want to accept the key like this: - The authenticity of host '192.168.0.202 (192.168.0.202)' can't be established. RSA key fingerprint is d8:c1:d2:ac:e9:57:9f:ed:1d:ee:b3:fa:62:04:8c:6c. Are you sure you want to continue connecting (yes/no)? - and when you answer 'yes' the public key will be saved to your ~/.ssh/known_hosts file. This prevents the so called man-in-the-middle-attack. Search google or wikipedia for more details. If you reflash your phone, the public key changes (it is unique and generated on the first boot) and your ssh believes there is an attack. Somewhere on the wiki is a description how to shut this behaviour off, but I hope nobody will ever inactivate this vigilance. HTH, best regards, Marcus On Fri, 2008-07-18 at 00:40 +0530, saurabh gupta wrote: > Hi all, > > I followed the steps given in "Getting started with freerunner" on > wiki to install the sample application in my free runner. I started > the FR normally and then connect it through a usb cable. However > after executing the command : > sudo ifconfig usb0 192.168.0.200 netmask 255.255.255.0 > when i executed "ssh [EMAIL PROTECTED]", the following error message > occurred: > > > @@@ > @WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ > @@@ > IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! > Someone could be eavesdropping on you right now (man-in-the-middle > attack)! > It is also possible that the RSA host key has just been changed. > The fingerprint for the RSA key sent by the remote host is > 37:a6:d4:f0:35:89:7c:6f:85:c4:9a:2f:31:c5:3f:35. > Please contact your system administrator. > Add correct host key in /home/saurabhg/.ssh/known_hosts to get rid of > this message. > Offending key in /home/saurabhg/.ssh/known_hosts:3 > RSA host key for 192.168.0.202 has changed and you have requested > strict checking. > Host key verification failed. > > = > > Can anyone suggest me the problem and the solution to fix it. > > Thanks ... > > -- > Saurabh Gupta > Electronics and Communication Engg. > > > ___ > Openmoko community mailing list > community@lists.openmoko.org > http://lists.openmoko.org/mailman/listinfo/community ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Problem in logging in freerunner through ssh
for people who often reflash and thus have new host keys on their mokos i can share this ~/.ssh/config snippet: Host moko HostName 192.168.0.202 StrictHostKeyChecking no UserKnownHostsFile /dev/null User root the result is that one can just 'ssh moko' press return and be done (logged in) every time. but beware: it ignores changing host keys completely then. (one could tap you usb cable!!1!) ;) kind regards -- Joachim Steiger Openmoko Central Services ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Problem in logging in freerunner through ssh
Hi, You need the remove the old host identification in your ~/.ssh/known_hosts /Johan On Thu, Jul 17, 2008 at 21:10, saurabh gupta <[EMAIL PROTECTED]> wrote: > Hi all, > > I followed the steps given in "Getting started with freerunner" on wiki to > install the sample application in my free runner. I started the FR normally > and then connect it through a usb cable. However after executing the > command : > sudo ifconfig usb0 192.168.0.200 netmask 255.255.255.0 > when i executed "ssh [EMAIL PROTECTED]", the following error message > occurred: > > > @@@ > @WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ > @@@ > IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! > Someone could be eavesdropping on you right now (man-in-the-middle attack)! > It is also possible that the RSA host key has just been changed. > The fingerprint for the RSA key sent by the remote host is > 37:a6:d4:f0:35:89:7c:6f:85:c4:9a:2f:31:c5:3f:35. > Please contact your system administrator. > Add correct host key in /home/saurabhg/.ssh/known_hosts to get rid of this > message. > Offending key in /home/saurabhg/.ssh/known_hosts:3 > RSA host key for 192.168.0.202 has changed and you have requested strict > checking. > Host key verification failed. > > = > > Can anyone suggest me the problem and the solution to fix it. > > Thanks ... > > -- > Saurabh Gupta > Electronics and Communication Engg. > > > ___ > Openmoko community mailing list > community@lists.openmoko.org > http://lists.openmoko.org/mailman/listinfo/community > > -- MVH Johan Aldor [EMAIL PROTECTED] +46734406270 http://www.punktering.net/ ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Re: Problem in logging in freerunner through ssh
On Thu, Jul 17, 2008 at 2:10 PM, saurabh gupta <[EMAIL PROTECTED]> wrote: > Hi all, > > I followed the steps given in "Getting started with freerunner" on wiki to > install the sample application in my free runner. I started the FR normally > and then connect it through a usb cable. However after executing the > command : > sudo ifconfig usb0 192.168.0.200 netmask 255.255.255.0 > when i executed "ssh [EMAIL PROTECTED]", the following error message > occurred: > > > @@@ > @WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ > @@@ > IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! > Someone could be eavesdropping on you right now (man-in-the-middle attack)! > It is also possible that the RSA host key has just been changed. > The fingerprint for the RSA key sent by the remote host is > 37:a6:d4:f0:35:89:7c:6f:85:c4:9a:2f:31:c5:3f:35. > Please contact your system administrator. > Add correct host key in /home/saurabhg/.ssh/known_hosts to get rid of this > message. > Offending key in /home/saurabhg/.ssh/known_hosts:3 > RSA host key for 192.168.0.202 has changed and you have requested strict > checking. > Host key verification failed. > > = > > Can anyone suggest me the problem and the solution to fix it. Remove line 3 from /home/saurabhg/.ssh/known_hosts. That should fix it. Paul Bonser http://blog.paulbonser.com ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
Problem in logging in freerunner through ssh
Hi all, I followed the steps given in "Getting started with freerunner" on wiki to install the sample application in my free runner. I started the FR normally and then connect it through a usb cable. However after executing the command : sudo ifconfig usb0 192.168.0.200 netmask 255.255.255.0 when i executed "ssh [EMAIL PROTECTED]", the following error message occurred: @@@ @WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is 37:a6:d4:f0:35:89:7c:6f:85:c4:9a:2f:31:c5:3f:35. Please contact your system administrator. Add correct host key in /home/saurabhg/.ssh/known_hosts to get rid of this message. Offending key in /home/saurabhg/.ssh/known_hosts:3 RSA host key for 192.168.0.202 has changed and you have requested strict checking. Host key verification failed. = Can anyone suggest me the problem and the solution to fix it. Thanks ... -- Saurabh Gupta Electronics and Communication Engg. ___ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community
