Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 11th June 2009, 14:21
Slowhand Slowhand is offline
Member
 
Join Date: Sep 2007
Posts: 96
Thanks: 6
Thanked 0 Times in 0 Posts
Default Newb: What would cause SSL warning "Possible man-in-the-middle attack!"

Hi,

I normally work on my Ubuntu server from my OSX desktop computer.

Sometimes I use my Macbook. I had logged in to the server over SSL previously and all had been well using the Macbook. Yesterday I suddenly got a warning saying words to the effect that "The server has changed! Possible man-in-the-middle attack! Login fail."

What would trigger this? Me installing something on the server whilst logged in from my desktop computer?

It's highly unlikely the server is compromised as it's not even facing the internet and my other server, which *is* facing the internet shouldn't have SSH running and my router isn't forwarding port 25 in any case.

What's the deal?

Slowhand
Reply With Quote
Sponsored Links
  #2  
Old 12th June 2009, 16:49
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Maybe OpenSSH got updated on the server.
You will also get a warning like this if you log in to another server with the same IP (e.g. if you have a server in your office with the IP 192.168.0.100 and a server at home which has the same IP - the SSH client thinks it's the same server and therefore issues a warning because the key has changed).
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 12th June 2009, 16:57
Slowhand Slowhand is offline
Member
 
Join Date: Sep 2007
Posts: 96
Thanks: 6
Thanked 0 Times in 0 Posts
 
Default

Quote:
Originally Posted by falko View Post
Maybe OpenSSH got updated on the server.
You will also get a warning like this if you log in to another server with the same IP (e.g. if you have a server in your office with the IP 192.168.0.100 and a server at home which has the same IP - the SSH client thinks it's the same server and therefore issues a warning because the key has changed).
Falko,

Must be the first option as I don't work on another server...

Quite scary when the message appears...

Is there a way to tell the update history on a server (Ubuntu 8.04 LTS)?

Thanks :-)

Slowhand
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix delivery problem erebus Installation/Configuration 8 29th July 2014 20:17
Unable to install ISPConfig bdonecker Installation/Configuration 21 26th May 2009 08:20
drbd error -115 anandx Installation/Configuration 15 26th April 2009 19:16
[Postfix] Quota doesn't work krzysiek HOWTO-Related Questions 8 2nd March 2009 15:57
backup failure.... gilas Installation/Configuration 19 30th October 2007 12:08


All times are GMT +2. The time now is 16:47.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.