[Labs-l] Fingerprint change
Tim Landscheidt
tim at tim-landscheidt.de
Wed Aug 26 23:19:10 UTC 2015
(anonymous) wrote:
>>> It looks like a temporal error. Now there is no warning.
>> This happens when our network service crashes. While the network
>> service is down, all traffic bound for a specific instance instead hits
>> the network server. Ssh blithely tries to log in there, sees the wrong
>> host key, and complains.
>> This was a side-effect of the upgrade I'm in the middle of. I'm done
>> with the networking stuff so the problem shouldn't recur immediately. I
>> don't know how to avoid it entirely :(
> As that host is not supposed to get any connection, I would
> put a Banner entry on sshd_config saying "This is not the
> drone you were expecting to log into" (or a more elaborate
> phrase of your email :P).
> That would at least hint that instead of panicking we should
> go to irc to bug you for crashing the network service ;)
Isn't the banner only shown after establishing the connec-
tion, i. e. after the user would "fix" the host's finger-
print?
Tim
More information about the Labs-l
mailing list