LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page Warning: Possible Dns Spoofing Detected! during sftp
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 02-05-2012, 08:02 AM   #1
mrk.spm
LQ Newbie
 
Registered: Feb 2012
Posts: 1

Rep: Reputation: Disabled
Warning: Possible Dns Spoofing Detected! during sftp

Greetings

I have encountered exactly the same problem like in the topic here:
http://www.linuxquestions.org/questi...118/page2.html
Unfortunately it doesn't contain clear answer.
My situation is very similar. Someone is connect to my boxes using sftp
eg "sftp host0.mydomain.com"
host0.mydomain.com is resolved in round robin for hosts host1.mydomain.com,
host2.mydomain.com, host3.mydomain.com

What should be done in order to avoid Spoofing Warnings?
In mentioned topic user chort stated:
"The host key is in /etc/ssh. You'd have to put the same hostkey on each server."
Do you think this is only solution to put the same key in each of host: host1.mydomain.com,
host2.mydomain.com, host3.mydomain.com?

Is there a chance to somehow generate a key but without hostname? - sorry if it sound ridicules, I'm not the expert

I will appreciate yours suggestions
 
Old 02-07-2012, 01:44 AM   #2
rodrifra
Member
 
Registered: Mar 2007
Location: Spain
Distribution: Ubuntu
Posts: 199

Rep: Reputation: 36
Either you do as stated in the other topic, or (as someone else stated somewhere else) you can resolv name first and then connect to the IP, that way you wont have the DNS spoofing message.

The best option IMO (since you don't control clients) would be copying rsa/dsa key between hosts.
 
Old 02-07-2012, 02:35 AM   #3
Reuti
Member
Contributing Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 11.4
Posts: 970

Rep: Reputation: 184Reputation: 184
You can try the option -oStrictHostKeyChecking=no. And/or also add it to your ~/.ssh/config file:
Code:
Hosts host1.mydomain.com host2.mydomain.com host3.mydomain.com
    StrictHostKeyChecking no
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Warning: Possible Dns Spoofing Detected! ashsethi Linux - Security 16 07-19-2011 09:39 AM
dns spoofing with ettercap does not work bo01 Linux - Networking 1 07-03-2011 11:30 PM
Configure DNS Spoofing ranjeet_badhe Linux - Networking 4 10-26-2009 05:53 AM
Spoofing MX records without querying DNS rubanek Linux - Networking 1 06-02-2008 01:56 PM
Help with SSH attack..DNS Spoofing laucian Linux - Newbie 1 10-15-2007 06:17 AM


All times are GMT -5. The time now is 09:25 PM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration