Host Identification Has Changed???

Host Identification Has Changed???

Posted by: maxhugen
Posted on: 2008-03-16 20:48:00

I use SSH Secure Shell to connect to Dreamhost for shell and FTP access.

Haven't used it for a while though, and today, the following alert popped up:

In reply to:

WARNING: HOST IDENTIFICATION HAS CHANGED!
1. Either the admin has changed it
2. The SSH protocol has been upgraded from SSH1 to SSH2
3. SOMEONE COULD BE EAVESDROPPING ON YOU RIGHT NOW (man-in-the-middle attack)!

It goes on to warn against connecting until you find out why the ID has changed....

Does anyone know it's OK to connect or not?

MTIA

Re: Host Identification Has Changed???

Posted by: rlparker
Posted on: 2008-03-16 21:51:00

I've had this happen on occasion myself .. the "correct" answer is that the only way you can know *for sure* if the change is legitimate is to contact DreamHost with a support ticket and ask.

Of course, it is also pretty much the same scenario as when you *first* connect to a host via SSH ... at some point you have to decide whether or not to trust the "host".

--rlparker

Re: Host Identification Has Changed???

Posted by: sdayman
Posted on: 2008-03-17 06:13:00

I believe that this happens when a server gets replaced. You might do a search in dreamhoststatus.com for your server name to see if it's been swapped out.

-Scott

Re: Host Identification Has Changed???

Posted by: maxhugen
Posted on: 2008-03-17 15:12:00

Thanks! I'll check with DH support.

Tags: host identificationsecure shellman in the middle attackssh2ftp accessreplyhost identificationsecure shellman in the middle attackssh2ftp accessreply