Basic SSH Question

[joshnerl]

I'm having trouble SSH'ing into my new FN8 box from Terminal on a Mac. Running 8.0.4x64 and have setup user joshnerl in group operator. When i try to run command "ssh joshnerl@192.168.x.x" i get:


@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
xx:xx:xx:......
Please contact your system administrator.
Add correct host key in /Users/joshnerl/.ssh/known_hosts to get rid of this message.
Offending key in /Users/joshnerl/.ssh/known_hosts:4
RSA host key for 192.168.x.x has changed and you have requested strict checking.
Host key verification failed.

I've always SSH'd into my FN7 box this way so maybe I just need a new command or syntax? I don't mind modifying a known_host file like it asks me to, but that directory doesn't exist on my Mac. i'm not sure what i'm supposed to be editing.

 

[paleoN]

I've always SSH'd into my FN7 box this way so maybe I just need a new command or syntax?

Nope, no new syntax needed.

I don't mind modifying a known_host file like it asks me to, but that directory doesn't exist on my Mac. i'm not sure what i'm supposed to be editing.

Ah, but it does exist and will show near the top:

Code:

cd

ls -al | less

[size=+2].[/size]directories & files are hidden by default. From the terminal edit /Users/joshnerl/.ssh/known_hosts and delete line 4 it looks like.

 

[joshnerl]

Maybe I'm dumber than I thought. So when I access the shell, i'm in as root, correct? But i need to ultimately edit the /users/joshnerl/.ssh/known_hosts file. I tried to navigate to the home directory i setup for joshnerl at /mnt/joshnerl but i'm not even seeing that folder. Should I be somehow logging into the shell as joshnerl? What's the syntax to change users?

 

[James]

Whenever you successfully login using SSH, an entry for that host's IP address is added to the known_hosts file on the local machine (in this case your Mac). If you SSH to the same IP address but the key is different, you get this error as a protection measure. This typically happens when you do a reinstall as the keys change but the IP address often does not. The error is meant to protect you in case a server you are SSHing into has been hacked.

In your case, there is a hidden directory called .ssh on your Mac. Find the entry for the IP address in the known_hosts file in that directory and remove that line.

Finally, when using SSH, don't login as root (it is disabled by default so you will not). Instead, create a user account and put it in the wheel auxiliary group.

 

[joshnerl]

Success! Thanks a ton. I just needed to know that the file was on the Mac and not on the FN box. I was able to SSH into the box as joshnerl.

You bring up an interesting topic. On my old box I made joshnerl a member of wheel, but I've seen a number of posts here that say not to make any users part of wheel because of the power that the group has. I'm in a home environment with 2 users (both me). If anything happens, i know it was my mistake. Is there a technical reason not to make users part of wheel or is it just the risk aspect?

Thanks again for the help.

 

[James]

Anyone in the wheel group has permission to su to root. Don't add anyone to that group who you wouldn't want to have root access to the system.

 

[paleoN]

Success! Thanks a ton. I just needed to know that the file was on the Mac and not on the FN box.

Yes, as admin said it's on your Mac. Sorry, for not making that clear.

You bring up an interesting topic. On my old box I made joshnerl a member of wheel, but I've seen a number of posts here that say not to make any users part of wheel because of the power that the group has.

Most of those recent posts are about not having wheel as your primary group. To belong to wheel it needs to be an auxiliary group.