Hi, On Mon, Jan 30, 2017 at 09:18:39PM -0800, ToddAndMargo wrote: > Questions: > 1) it prompts me for a password. Whose password? Mine, > there's, a certificate's password? If it is a certificates > password > how the &*$@ am I suppose to know that? the password of the user you are connecting. In your example below it would be "yyyy".
> 2) What is all this garbage that comes up? > $ xfreerdp -t xxxx -u yyyy www.xxx.yyy.zzz > connected to www.xxx.yyy.zz:xxxx > The host key for www.xxx.yyy.zzz has changed > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ > @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ > IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! > Someone could be eavesdropping on you right now (man-in-the-middle attack)! > It is also possible that a host key has just been changed. > The fingerprint for the host key sent by the remote host is > <<redacted>> > Please contact your system administrator. > Add correct host key in ~/.freerdp/known_hosts to get rid of this message. > Host key for www.xxx.yyy.zzz has changed and you have requested strict > checking. > Host key verification failed. > tls_connect: certificate not trusted, aborting. The message above indicates that you are connecting to a host whose certificate has changed for any reason (which could possibly also be malicious). Same thing as if you use ssh and the host key changes. If you sure that it is the right host you can simply remove the entry from ~/.freerdp/known_hosts and reconnect. When connecting to a session broker with different certificates this warning can happen. For this, and all other cases where you don't want this warning, you can use the option "--ignore-certificate" (or /cert-ignore with newer versions of FreeRDP). Best regards, Bernhard ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ FreeRDP-devel mailing list FreeRDP-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/freerdp-devel
