Ssh Compromised!
Please someone help me I am a newbie. I had setup the ssh daemon on my RedHat Linux 7.2 server last week. I used openssh. I created the keys and was able to login to my server through my lan:
ssh 192.168.1.05.
Here is what happens now when I try to ssh:
[root@localhost root]# ssh 192.168.1.105
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:1
RSA host key for 192.168.1.105 has changed and you have requested strict checking.
Host key verification failed.
WHAT IS GOING ON??? Has someone compromised my machine. I was also able to ssh from the outside world to my machine last week. I have a dynamic IP. All incoming ssh conenctions (port 22) are forwarded to 192.168.1.105, my linux server. Please HELP!
|