Hi, I normally work on my Ubuntu server from my OSX desktop computer. Sometimes I use my Macbook. I had logged in to the server over SSL previously and all had been well using the Macbook. Yesterday I suddenly got a warning saying words to the effect that "The server has changed! Possible man-in-the-middle attack! Login fail." What would trigger this? Me installing something on the server whilst logged in from my desktop computer? It's highly unlikely the server is compromised as it's not even facing the internet and my other server, which *is* facing the internet shouldn't have SSH running and my router isn't forwarding port 25 in any case. What's the deal? Slowhand
Maybe OpenSSH got updated on the server. You will also get a warning like this if you log in to another server with the same IP (e.g. if you have a server in your office with the IP 192.168.0.100 and a server at home which has the same IP - the SSH client thinks it's the same server and therefore issues a warning because the key has changed).
Falko, Must be the first option as I don't work on another server... Quite scary when the message appears... Is there a way to tell the update history on a server (Ubuntu 8.04 LTS)? Thanks Slowhand
