Key Change Warnings

Note: We are working on updating our documentation, this page has been identified as still needing improvement. This notice will be removed once these improvements are complete.

What warning is provided in the event of host key changes?

SourceForge.net makes use of SSH to secure access to some services. Each of our SSH hosts has a separate host key identified by fingerprint.

If the host key changes, this may be a sign of security attack, or may be a sign that we have updated the host key. If change occurs, you will see a warning as follows.

Please contact the SourceForge.net team if you encounter SSH host key problems.

PuTTY

The PuTTY SSH client will generate messages like "The server's host key is not cached in the registry" and "WARNING - POTENTIAL SECURITY BREACH!" if the host key fingerprint has changed. Please contact the SourceForge.net team if you encounter SSH host key problems.

OpenSSH

OpenSSH may produce messages similar to the following in the event that unexpected SSH host key changes are detected:

   @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@  @@@@@@@@@
The DSA host key for shell.sourceforge.net has changed,
and the key for the according IP address 66.35.250.208
is unknown. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@  @@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the DSA host key has just been changed.
The fingerprint for the DSA key sent by the remote host is
4c:68:03:d4:5c:58:a6:1d:9d:17:13:24:14:48:ba:99.
Please contact your system administrator.
Add correct host key in /home/username/.ssh/known_hosts2 to get rid of this message.
Offending key in /home/username/.ssh/known_hosts2:4
DSA host key for shell.sourceforge.net has changed and you have requested strict checking.

Related

Documentation: Contact Us
Documentation: SSH