I run a subsonic media server from a dedicated raspberry pi. Since having the raspberry as soon as they came out I've been able to connect via ssh.
But last night I get a message on trying to connect from my local #! host that "The remote host xxxx authenticity cannot be established". On my main machine, that I do all my banking from, etc., I accepted it. Now I worry a bit.
When I try to connect tonight from my local machine the connection just times out. Trying to connect to the raspberry server from another local machine I get the same issue: "The host XXXXXXXX authenticity cannot be established. Do you want to continue yes/no?". This time I chose not to.
I do not get any warning in terminator telling me to be careful about man-in-the-middle attacks. I have had such warnings before, when host keys have changed. I accepted them without any issues, quite a few months ago.
This time I'm slightly more worried, as I read about a normal machine warding off 4000 attacks in any given week (all our machines apparently). I also learn more and more about my own lack of understanding with these things, and don't know how to make things more secure. Weirdly, and this is probably me just being really paranoid, I get a weird prank phone call earlier. I know a few hackers (like the cracker types who don't always do the most savory things - I'm a researcher and am interested in their forms of organization), so do have to be careful I guess.
I'm thinking about just deleting the trusted_hosts keys in .ssh/trusted_hosts
Probably not the best forum to ask about this, but I like it here and trust people. Does anyone know more about this kind of thing, and feel I should be worried? Can anyone help me remedy the situation? I guess deleting the keys is the most simple thing to do. There are about 6 keys in total I think. I can't remember why I have that many really, as I only really use ssh to access my phone, my raspberry, and that's it.
Last edited by dura (2012-11-09 14:20:58)
Ok, for the time being I just deleted the specific host key for the raspberry pi, like so:
ssh-keygen -R pi@xxxxxxxxxxxxxx
But still the connection just times out.
If anyone has any experience or ideas with this it would be a lot of help.
Last edited by dura (2012-11-06 23:35:36)
Here is a good explanation on using host keys.
Why the host key might change
The more innocent explanations for a changed host key include recompiling or upgrading SSH, rebuilding the server, or just using a different address to get to the same host. When your system stores the host key it records it by address, so even if "localhost" and "127.0.0.1" point to the same server an SSH client will treat them as entirely different entries.
Thus, sometimes that message is expected. But even an expected warning doesn't mean that there couldn't be a man-in-the-middle attack in progress. It sounds a little paranoid, but that's good security for you - anything can happen, at any time, and the more you do to rule out any variables the better.
So let's look at when and how to check the host fingerprint without using an SSH connection. We'll do it by going in through the server's web console.
If none of this applies to you, then I would get worried too.
I have no experience with raspberry pi. I don't know to what extent you can control it.
But I would cut it off from the internet.
Am I correct in supposing that the only way to access it is via ssh?
Since the connection using secure keys does not seem to work, try it using IP address, first as your user, then as root.
If none of this works, I suppose you are well and truly locked out of it, and the only way to repair is probably by re-installing - if that is possible.
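The distinction drawn in the quoted explanation, as an added example that is not part of the original thread: the client looks a host key up by address, so the same server reached under a new name produces the "authenticity can't be established" prompt rather than the changed-key warning, and in either case the offered key only counts as verified when its fingerprint equals the one read on the server's own console. Host names, addresses and key blobs below are constructed; only plain entries (no hashed names, wildcards or markers) are handled.

```python
import base64, hashlib, struct

def fingerprint(b64_blob):
    """OpenSSH-style SHA256 fingerprint of a base64 public key blob."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_known_hosts(text):
    """Yield (host_names, keytype, b64_blob) for each plain known_hosts entry."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0][0] in "#@|":
            continue  # blank, comment, @marker or hashed (|1|) entry: skipped here
        yield fields[0].split(","), fields[1], fields[2]

def classify(known_hosts_text, host, keytype, offered_b64, console_fp):
    """Return (what the client sees, whether the key matches the console fingerprint)."""
    stored = [blob for names, kt, blob in parse_known_hosts(known_hosts_text)
              if host in names and kt == keytype]
    if not stored:
        view = "unknown"   # "authenticity of host ... can't be established" prompt
    elif offered_b64 in stored:
        view = "match"     # connects without a prompt
    else:
        view = "changed"   # "REMOTE HOST IDENTIFICATION HAS CHANGED" warning
    return view, fingerprint(offered_b64) == console_fp

def sample_key(seed):
    # Constructed ed25519-shaped blob (not a real key): two length-prefixed strings.
    kt, raw = b"ssh-ed25519", hashlib.sha256(seed).digest()
    blob = struct.pack(">I", len(kt)) + kt + struct.pack(">I", len(raw)) + raw
    return base64.b64encode(blob).decode()

PI_KEY, OTHER_KEY = sample_key(b"pi"), sample_key(b"other")
KNOWN_HOSTS = f"# constructed sample\n192.168.1.50 ssh-ed25519 {PI_KEY}\n"
CONSOLE_FP = fingerprint(PI_KEY)  # assumed: value read on the server's console

if __name__ == "__main__":
    for host, key in [("192.168.1.50", PI_KEY), ("raspberrypi.local", PI_KEY),
                      ("192.168.1.50", OTHER_KEY), ("raspberrypi.local", OTHER_KEY)]:
        print(host, classify(KNOWN_HOSTS, host, "ssh-ed25519", key, CONSOLE_FP))
```

The second and fourth cases show the same "unknown" prompt on the client, and only the fingerprint comparison tells them apart.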
Hey thanks xaos52. You help me out a lot. I really appreciate it.
I will follow your suggestions, and readings, and may well reinstall it, and do much more research on ssh and subsonic security, etc. I really only set up the media streamer as an experiment, then put owncloud on it as well. It's been running constantly for a few months. Perhaps this weekend is a good time to develop it into a much securer system.