Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation
Reload this Page Newb: What would cause SSL warning "Possible man-in-the-middle attack!"
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 11th June 2009, 14:21
Slowhand Slowhand is offline
Member
  
Join Date: Sep 2007
Posts: 96
Thanks: 6
Thanked 0 Times in 0 Posts
Default Newb: What would cause SSL warning "Possible man-in-the-middle attack!"
Hi,

I normally work on my Ubuntu server from my OSX desktop computer.

Sometimes I use my Macbook. I had logged in to the server over SSL previously and all had been well using the Macbook. Yesterday I suddenly got a warning saying words to the effect that "The server has changed! Possible man-in-the-middle attack! Login fail."

What would trigger this? Me installing something on the server whilst logged in from my desktop computer?

It's highly unlikely the server is compromised as it's not even facing the internet and my other server, which *is* facing the internet shouldn't have SSH running and my router isn't forwarding port 25 in any case.

What's the deal?

Slowhand
Reply With Quote
Sponsored Links
  #2  
Old 12th June 2009, 16:49
falko falko is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,685
Thanks: 1,899
Thanked 2,599 Times in 2,448 Posts
Default
Maybe OpenSSH got updated on the server.
You will also get a warning like this if you log in to another server with the same IP (e.g. if you have a server in your office with the IP 192.168.0.100 and a server at home which has the same IP - the SSH client thinks it's the same server and therefore issues a warning because the key has changed).
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 12th June 2009, 16:57
Slowhand Slowhand is offline
Member
  
Join Date: Sep 2007
Posts: 96
Thanks: 6
Thanked 0 Times in 0 Posts
 
Default
Quote:
Originally Posted by falko View Post
Maybe OpenSSH got updated on the server.
You will also get a warning like this if you log in to another server with the same IP (e.g. if you have a server in your office with the IP 192.168.0.100 and a server at home which has the same IP - the SSH client thinks it's the same server and therefore issues a warning because the key has changed).
Falko,

Must be the first option as I don't work on another server...

Quite scary when the message appears...

Is there a way to tell the update history on a server (Ubuntu 8.04 LTS)?

Thanks :-)

Slowhand
Reply With Quote
Reply

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Unable to install ISPConfig bdonecker Installation/Configuration 21 26th May 2009 08:20
drbd error -115 anandx Installation/Configuration 15 26th April 2009 19:16
[Postfix] Quota doesn't work krzysiek HOWTO-Related Questions 8 2nd March 2009 15:57
backup failure.... gilas Installation/Configuration 19 30th October 2007 12:08
Postfix delivery problem erebus Installation/Configuration 6 28th October 2007 16:20


All times are GMT +2. The time now is 01:22.

Contact Us - HowtoForge - Linux Howtos and Tutorials - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.