Thursday, May 21, 2015

Fixing ssh issue




[sam@rdujump05 .ssh]$ ssh dmpudb243
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The RSA host key for dmpudb243 has changed,
and the key for the corresponding IP address 192.168.10.118
is unknown. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
5b:03:e0:aa:dd:fd:52:5a:b3:6c:d1:54:3e:73:af:ac.
Please contact your system administrator.
Add correct host key in /home/sam/.ssh/known_hosts to get rid of this message.
Offending key in /home/sam/.ssh/known_hosts:786
RSA host key for dmpudb243 has changed and you have requested strict checking.
Host key verification failed.

[sam@rdujump05 .ssh]$ grep dmpudb243  /home/sam/.ssh/known_hosts
[sam@rdujump05 .ssh]$ ls -la
total 1500
drwx------  2 sam sam      76 May 21 14:55 .
drwx------ 13 sam sam    4096 May 21 14:33 ..
-rw-r--r--  1 sam sam     623 Mar 25 14:05 authorized_keys
-rw-------  1 sam sam     744 Apr 28 11:40 id_dsa
-rw-r--r--  1 sam sam     623 Apr 28 11:40 id_dsa.pub
-rw-r--r--  1 sam sam 1528456 May 21 14:32 known_hosts

[sam@rdujump05 .ssh]$ mv known_hosts known_hosts.1
[sam@rdujump05 .ssh]$ mv id_dsa.pub id_dsa.pub.1
[sam@rdujump05 .ssh]$ mv id_dsa id_dsa.1
[sam@rdujump05 .ssh]$ mv authorized_keys authorized_keys.1

[sam@rdujump05 .ssh]$ ssh dmpudb243
The authenticity of host 'dmpudb243 (192.168.10.118)' can't be established.
RSA key fingerprint is 5b:03:e0:aa:dd:fd:52:5a:b3:6c:d1:54:3e:73:af:ac.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'dmpudb243,192.168.10.118' (RSA) to the list of known hosts.
sam@dmpudb243's password:
You are required to change your password immediately (root enforced)
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user sam.
Changing password for sam.
(current) UNIX password:
passwd: Authentication token manipulation error
Connection to dmpudb243 closed.

[sam@rdujump05 .ssh]$ ssh dmpudb243
sam@dmpudb243's password:
You are required to change your password immediately (root enforced)
Last login: Thu May 21 14:50:38 2015 from 192.168.10.126
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user sam.
Changing password for sam.
(current) UNIX password:
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
Connection to dmpudb243 closed.

[sam@rdujump05 .ssh]$ ssh dmpudb243
sam@dmpudb243's password:
Last login: Thu May 21 14:51:18 2015 from 192.168.10.126
[sam@dmpudb243 ~]$ pwd
/home/sam

[sam@dmpudb243 ~]$ ls -la
total 20
drwx------   2 sam sam 4096 May 21 14:10 .
drwxr-xr-x. 27 root    root    4096 May 21 14:10 ..
-rw-r--r--   1 sam sam   18 Jul  9  2013 .bash_logout
-rw-r--r--   1 sam sam  176 Jul  9  2013 .bash_profile
-rw-r--r--   1 sam sam  124 Jul  9  2013 .bashrc


[sam@rcrdmdcm01 ~]$ cd .ssh
-bash: cd: .ssh: No such file or directory
[sam@tcecapdAr6cm01 ~]$ logout
Connection to tcecapdar6cm01 closed.
[sam@rdujump05 .ssh]$ pwd
/home/sam/.ssh
[sam@rdujump05 .ssh]$ ls -la
total 1501
drwx------  2 sam sam     102 May 21 14:56 .
drwx------ 13 sam sam    4096 May 21 14:33 ..
-rw-r--r--  1 sam sam     623 Mar 25 14:05 authorized_keys.1
-rw-------  1 sam sam     744 Apr 28 11:40 id_dsa.1
-rw-r--r--  1 sam sam     623 Apr 28 11:40 id_dsa.pub.1
-rw-r--r--  1 sam sam     411 May 21 14:56 known_hosts
-rw-r--r--  1 sam sam 1528456 May 21 14:32 known_hosts.1
[sam@rdujump05 .ssh]$ more known_hosts
tcecapdar6cm01,192.168.10.118 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0sO1uCXuEbl4tjSVe6k3pWVBvMF08OgSSqsQeF9w7jKFYn
4QxstP5nhv1cyK3zIGYgP0wX25wwkgO/MSuwLJ1wAGooy+64eZcGDCKhnQmtm686AJTRjktfTD6zlzPAkJ/Wsaq3ErzYSh2BR4CyrqpoUKnfwC3u
7f0+omTulmoOaLQWit2gcuQYG+NoEHXBo4Ugnu294d2ZaE8PlG7nV3jtv6gm2UPoFHE9M0BhGjiRgQ5/UsVEnPN3Z6Xu2rdnPXcM2guzP7G/ytn9
JYwrUeTaJwOgI+Z/6HAilSeODm8uuoX9Mtmryl3G4xVTMpx0h2yN9thLbICtHlDvfXdEWHfw==
[sam@rdujump05 .ssh]$ nslookup 192.168.10.118
Server:         10.153.156.4
Address:        10.153.156.4#53

118.10.168.192.in-addr.arpa     name = dmpudb243.ecap.cciio.

[sam@rdujump05 .ssh]$ cat known_hosts >>known_hosts
cat: known_hosts: input file is output file
[sam@rdujump05 .ssh]$  more known_hosts
dmpudb243,192.168.10.118 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA0sO1uCXuEbl4tjSVe6k3pWVBvMF08OgSSqsQeF9w7jKFYn
4QxstP5nhv1cyK3zIGYgP0wX25wwkgO/MSuwLJ1wAGooy+64eZcGDCKhnQmtm686AJTRjktfTD6zlzPAkJ/Wsaq3ErzYSh2BR4CyrqpoUKnfwC3u
7f0+omTulmoOaLQWit2gcuQYG+NoEHXBo4Ugnu294d2ZaE8PlG7nV3jtv6gm2UPoFHE9M0BhGjiRgQ5/UsVEnPN3Z6Xu2rdnPXcM2guzP7G/ytn9
JYwrUeTaJwOgI+Z/6HAilSeODm8uuoX9Mtmryl3G4xVTMpx0h2yN9thLbICtHlDvfXdEWHfw==
[sam@rdujump05 .ssh]$ cat known_hosts >>known_hosts.1
[sam@rdujump05 .ssh]$ mv known_hosts.2
mv: missing destination file operand after `known_hosts.2'
Try `mv --help' for more information.
[sam@rdujump05 .ssh]$ mv known_hosts known_hosts.2
[sam@rdujump05 .ssh]$ cp -p known_hosts.1 known_hosts
[sam@rdujump05 .ssh]$ ssh dmpudb243
sam@dmpudb243's password:
Last login: Thu May 21 14:52:02 2015 from 192.168.10.126
[sam@dmpudb243 ~]$


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)