Hi Mike, What happens when you ssh into an account is that an entry gets created under the .ssh directory in a file called known_hosts. The entry in the known_hosts file is listed the way that you made the connection -- so it could be either by IP address or by domain name. (This is the way that it works in unix and linux systems that I'm familiar with).
If there's a new operating system install and you try to ssh, the encrypted information in the known_hosts will change, and you'll get warnings of the sort that you showed. I'm not sure of the circumstances behind your changes, but you can resolve this by deleting the old entry for your host in the known_hosts file. However, it's not a good idea to ssh into a system as root. Many systems are set up to reject this. The usual way to do this is to ssh into an unprivileged account and then su to an account with root authorization once you are on the other machine. It's also possible to upgrade systems and update ssh in a way that doesn't generate these error messages, but it usually doesn't seem to happen that way. My knowledge is only that of a user -- not a sysadmin or programmer. Maybe someone else can help you out more here. Cheers, Esther On August 02, 2008, at 12:26PM, Mike's Western Account wrote: >hi; >ok so i am trying to ssh via terminal into my server, i changed the >nameservers to a different ip this morning and it has resolved. I can >not now however login using >ssh [EMAIL PROTECTED] >anymore i can via >ssh [EMAIL PROTECTED] >but not via >ssh [EMAIL PROTECTED] >i get this error: >Last login: Sat Aug 2 13:37:29 on ttys001 >michael-babcocks-macbook:~ mike$ ssh [EMAIL PROTECTED] >@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ >@ WARNING: POSSIBLE DNS SPOOFING DETECTED! @ >@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ >The RSA host key for gwhosting.net has changed, >and the key for the according IP address 93.189.2.74 >is unchanged. This could either mean that >DNS SPOOFING is happening or the IP address for the host >and its host key have changed at the same time. >Offending key for IP in /Users/mike/.ssh/known_hosts:3 >@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ >@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ >@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ >IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! >Someone could be eavesdropping on you right now (man-in-the-middle >attack)! >It is also possible that the RSA host key has just been changed. >The fingerprint for the RSA key sent by the remote host is >75:94:5a:40:19:6a:07:2f:44:58:52:ae:14:d9:f7:d4. >Please contact your system administrator. >Add correct host key in /Users/mike/.ssh/known_hosts to get rid of >this message. >Offending key in /Users/mike/.ssh/known_hosts:2 >RSA host key for gwhosting.net has changed and you have requested >strict checking. >Host key verification failed. >michael-babcocks-macbook:~ mike$ >please help me get this fixed! > >see what i'm doing on twitter: >http://www.twitter.com/creepyblindy > > > > > >
