DUNE / FAQ

Frequently asked questions for DUNE computing
Apache License 2.0
0 stars 0 forks source link

ssh failed because of an un-recognized key #25

Open hschellman opened 6 months ago

hschellman commented 6 months ago

Infrequently, the ssh key of one or more of the dunegpvm's or build nodes changes because it's been upgraded. Check the dune-computing-news mailing list to see announcements of interactive node upgrades.

ssh checks the key returned by a server against the one stored in $HOME/.ssh/known_hosts. If it differs, you will get a warning message about how the key is different and how there could be a "man-in-the-middle attack" or "DNS Spoofing".

If you know that the server has plausibly changed its key due to an upgrade, you can just edit $HOME/.ssh/known_hosts and remove the line beginning with the node name you were trying to log in to. Then the next time you log in, ssh will ask you if it is okay to add the new key to your known_hosts. You can even delete your $HOME/.ssh/known_hosts if you don't mind being asked to create new key entries for all the hosts you want to log in to. That said, it is possible that an attacker has redirected you to another computer, which is what the key check is meant to detect, so it is good to know if there is a reason for the key change.