Apple Xserve User Manual
Have a look at the manual Apple Xserve User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 195 Apple manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
Xserve Verification of Basic Services - 14 Troubleshooting Authentication Issues Troubleshooting Authentication Issues Symptom A warning message such as Òauthenticity of host cannot be establishedÓ appears when you attempt to log in to Xserve remotely. Solution Delete and then recreate the authentication keys related to the speciÞc host. Important: ¥ Make sure you have the IP address and Admin login information for the appropriate Xserve. ¥ Verify the first 8 characters of the serial number that correspond to the appropriate Xserve. ¥ Make sure that the administration computer has Mac OS X version 10.1 or later installed. When authentication of the RSA host key is invalid, the warning message states which hosts Þle, and line number within the Þle, is invalid. For example: Offending key in /Users/admin/.ssh/known_hosts2:42 In this example, known_hosts2 has the offending authentication key and the host on line 42 of known_hosts2 is the line that needs to be deleted. Note: The warning message has some very stern wording; however, there are non- threatening reasons for authentication keys not matching.
15 - Xserve Verification of Basic Services
Troubleshooting Authentication Issues Error message example:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@
@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@
The RSA host key for xxxxxx has changed,
and the key for the according IP address 17.xxx.xxx.xx
is unchanged. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
Offending key for IP in /Users/admin/.ssh/known_hosts2:44
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The Þngerprint for the RSA key sent by the remote host is
xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx.
Please contact your system administrator.
Add correct host key in /Users/admin/.ssh/known_hosts2 to get rid of message.
Offending key in /Users/admin/.ssh/known_hosts2:42
RSA host key for xxxxxxx has changed and you have requested strict checking.
The authenticity of host xxxxxx (17.xxx.xxx.xx) cant be established.
RSA key Þngerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx.
Are you sure you want to continue connecting (yes/no)?
Xserve Verification of Basic Services - 16 Troubleshooting Authentication Issues How to Delete and Recreate Authentication Keys 1. Open TextEdit on the Admin computer. Located in /Applications/ 2. Open the Þle: ~/.ssh/known_hosts or ~/.ssh/known_hosts2 All fingerprints from previous connections appear. 3. Locate host name or IP address of the server within the text you want to connect to using ssh. This is the on the line number mentioned in the warning message. 4. Delete the line containing the host name or IP address. Press Control-K in TextEdit to delete the entire line including all authentication keys related to this host. 5. Save the TextEdit Þle. 6. Quit TextEdit. 7. Open Terminal on the Admin computer. 8. Type the following at the command prompt: ssh -l root 9. Press Return. A prompt asks to recreate the certiÞcate. 10. Type y at the prompt to recreate the certiÞcate. A new fingerprint appears and a prompt asks to continue with the connection process.