Re: [Toolserver-l] RSA key changed on yarrow?
Merlijn van Deen wrote: >> ssh'ing to yarrow gives: >> | [tim@passepartout ~]$ ssh yarrow.toolserver.org >> | The RSA host key for yarrow.toolserver.org has changed, >> | and the key for the corresponding IP address 91.198.174.216 >> | is unknown. >> | The fingerprint for the RSA key sent by the remote host is >> | 59:3d:de:62:07:44:f2:f3:b0:e1:6d:a8:d2:7e:7e:af. >> Was this intentional? > Yarrow was used as name for at least one other server before the > current login server. This one was installed recently (july), and your > host keys might be older (and thus correspond to the wrong server). No, I use yarrow regularly and the behaviour changed this weekend. After comparing backups, the only change was a ~/.ssh/known_hosts2 with the contents: | yarrow.toolserver.org ssh-dss [...]== After removing this file, ssh ceased to complain. I played around with Net::SSH::Perl & Co. this weekend, and my assumption is that - as it doesn't work quote right :-) - it dumped an invalid key to this file which caused ssh to barf. So: No RSA key changed on yarrow :-). Tim ___ Toolserver-l mailing list (Toolserver-l@lists.wikimedia.org) https://lists.wikimedia.org/mailman/listinfo/toolserver-l Posting guidelines for this list: https://wiki.toolserver.org/view/Mailing_list_etiquette
Re: [Toolserver-l] RSA key changed on yarrow?
According to https://fingerprints.toolserver.org/ , yarrow's RSA fingerprint is 59:3d:de:62:07:44:f2:f3:b0:e1:6d:a8:d2:7e:7e:af , which is what you're being sent. Presumably Merlijn van Deen is correct, and your known_hosts file is referring to the older server. (Sorry for the double-reply, this only occurred to me after I sent the previous message.) On Sun, Jan 13, 2013 at 4:06 PM, Wolfgang Faust wrote: > Yarrow's keys haven't changed for me. > > > On Sun, Jan 13, 2013 at 3:51 PM, Tim Landscheidt > wrote: > >> Hi, >> >> ssh'ing to yarrow gives: >> >> | [tim@passepartout ~]$ ssh yarrow.toolserver.org >> | @@@ >> | @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @ >> | @@@ >> | The RSA host key for yarrow.toolserver.org has changed, >> | and the key for the corresponding IP address 91.198.174.216 >> | is unknown. This could either mean that >> | DNS SPOOFING is happening or the IP address for the host >> | and its host key have changed at the same time. >> | @@@ >> | @WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ >> | @@@ >> | IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! >> | Someone could be eavesdropping on you right now (man-in-the-middle >> attack)! >> | It is also possible that a host key has just been changed. >> | The fingerprint for the RSA key sent by the remote host is >> | 59:3d:de:62:07:44:f2:f3:b0:e1:6d:a8:d2:7e:7e:af. >> | Please contact your system administrator. >> | Add correct host key in /home/tim/.ssh/known_hosts2 to get rid of this >> message. >> | Offending DSA key in /home/tim/.ssh/known_hosts2:1 >> | RSA host key for yarrow.toolserver.org has changed and you have >> requested strict checking. >> | This is the Wikimedia Toolserver. >> | [...] >> >> Was this intentional? >> >> Tim >> >> >> ___ >> Toolserver-l mailing list (Toolserver-l@lists.wikimedia.org) >> https://lists.wikimedia.org/mailman/listinfo/toolserver-l >> Posting guidelines for this list: >> https://wiki.toolserver.org/view/Mailing_list_etiquette >> > > > > -- > This message has been encoded in 128ROT13 for security. If you are unable > to view it, please consult an optometrist. > -- This message has been encoded in 128ROT13 for security. If you are unable to view it, please consult an optometrist. ___ Toolserver-l mailing list (Toolserver-l@lists.wikimedia.org) https://lists.wikimedia.org/mailman/listinfo/toolserver-l Posting guidelines for this list: https://wiki.toolserver.org/view/Mailing_list_etiquette
Re: [Toolserver-l] RSA key changed on yarrow?
Yarrow's keys haven't changed for me. On Sun, Jan 13, 2013 at 3:51 PM, Tim Landscheidt wrote: > Hi, > > ssh'ing to yarrow gives: > > | [tim@passepartout ~]$ ssh yarrow.toolserver.org > | @@@ > | @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @ > | @@@ > | The RSA host key for yarrow.toolserver.org has changed, > | and the key for the corresponding IP address 91.198.174.216 > | is unknown. This could either mean that > | DNS SPOOFING is happening or the IP address for the host > | and its host key have changed at the same time. > | @@@ > | @WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ > | @@@ > | IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! > | Someone could be eavesdropping on you right now (man-in-the-middle > attack)! > | It is also possible that a host key has just been changed. > | The fingerprint for the RSA key sent by the remote host is > | 59:3d:de:62:07:44:f2:f3:b0:e1:6d:a8:d2:7e:7e:af. > | Please contact your system administrator. > | Add correct host key in /home/tim/.ssh/known_hosts2 to get rid of this > message. > | Offending DSA key in /home/tim/.ssh/known_hosts2:1 > | RSA host key for yarrow.toolserver.org has changed and you have > requested strict checking. > | This is the Wikimedia Toolserver. > | [...] > > Was this intentional? > > Tim > > > ___ > Toolserver-l mailing list (Toolserver-l@lists.wikimedia.org) > https://lists.wikimedia.org/mailman/listinfo/toolserver-l > Posting guidelines for this list: > https://wiki.toolserver.org/view/Mailing_list_etiquette > -- This message has been encoded in 128ROT13 for security. If you are unable to view it, please consult an optometrist. ___ Toolserver-l mailing list (Toolserver-l@lists.wikimedia.org) https://lists.wikimedia.org/mailman/listinfo/toolserver-l Posting guidelines for this list: https://wiki.toolserver.org/view/Mailing_list_etiquette
Re: [Toolserver-l] RSA key changed on yarrow?
On 13 January 2013 21:51, Tim Landscheidt wrote: > ssh'ing to yarrow gives: > > | [tim@passepartout ~]$ ssh yarrow.toolserver.org > | The RSA host key for yarrow.toolserver.org has changed, > | and the key for the corresponding IP address 91.198.174.216 > | is unknown. > | The fingerprint for the RSA key sent by the remote host is > | 59:3d:de:62:07:44:f2:f3:b0:e1:6d:a8:d2:7e:7e:af. > Was this intentional? Yarrow was used as name for at least one other server before the current login server. This one was installed recently (july), and your host keys might be older (and thus correspond to the wrong server). Merlijn ___ Toolserver-l mailing list (Toolserver-l@lists.wikimedia.org) https://lists.wikimedia.org/mailman/listinfo/toolserver-l Posting guidelines for this list: https://wiki.toolserver.org/view/Mailing_list_etiquette
[Toolserver-l] RSA key changed on yarrow?
Hi, ssh'ing to yarrow gives: | [tim@passepartout ~]$ ssh yarrow.toolserver.org | @@@ | @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @ | @@@ | The RSA host key for yarrow.toolserver.org has changed, | and the key for the corresponding IP address 91.198.174.216 | is unknown. This could either mean that | DNS SPOOFING is happening or the IP address for the host | and its host key have changed at the same time. | @@@ | @WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ | @@@ | IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! | Someone could be eavesdropping on you right now (man-in-the-middle attack)! | It is also possible that a host key has just been changed. | The fingerprint for the RSA key sent by the remote host is | 59:3d:de:62:07:44:f2:f3:b0:e1:6d:a8:d2:7e:7e:af. | Please contact your system administrator. | Add correct host key in /home/tim/.ssh/known_hosts2 to get rid of this message. | Offending DSA key in /home/tim/.ssh/known_hosts2:1 | RSA host key for yarrow.toolserver.org has changed and you have requested strict checking. | This is the Wikimedia Toolserver. | [...] Was this intentional? Tim ___ Toolserver-l mailing list (Toolserver-l@lists.wikimedia.org) https://lists.wikimedia.org/mailman/listinfo/toolserver-l Posting guidelines for this list: https://wiki.toolserver.org/view/Mailing_list_etiquette
Re: [Toolserver-l] New Rule: SGE-constraint for bots
On 11/01/13 23:43, DaB. wrote: > Hello, > At Friday 11 January 2013 23:42:03 DaB. wrote: >> Is TS-1479[1] a valid exception B for not using SGE for some specific >> scripts? > > yes. But I will speak with Merlissimo about a fix for this (AFAIR he had a > problem with the given patch). It looks good to me (note it is *not* using embedded quotes as suggested in comment #1). ___ Toolserver-l mailing list (Toolserver-l@lists.wikimedia.org) https://lists.wikimedia.org/mailman/listinfo/toolserver-l Posting guidelines for this list: https://wiki.toolserver.org/view/Mailing_list_etiquette