[Bug 3216] New: Confusing error "host key ... has changed" when connecting to a server not offering matching host key types

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Sep 30 04:31:51 AEST 2020 

https://bugzilla.mindrot.org/show_bug.cgi?id=3216

            Bug ID: 3216
           Summary: Confusing error "host key ... has changed" when
                    connecting to a server not offering matching host key
                    types
           Product: Portable OpenSSH
           Version: 7.9p1
          Hardware: ARM64
                OS: Linux
            Status: NEW
          Severity: minor
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: jatjasjem at gmail.com

I'm trying to connect to a server that I previously connected to. The
last
time I connected to it, ssh used its ECDSA key for host verification.
This is
the only key in my known hosts file:

    $ cat ~/.ssh/known_hosts | awk '{print $2}' | uniq
    ecdsa-sha2-nistp256

The server is no longer offering this key. This is what I get when I
try to
connect now:

    $ ssh user at host -p 23
    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
    Someone could be eavesdropping on you right now (man-in-the-middle
attack)!
    It is also possible that a host key has just been changed.
    The fingerprint for the RSA key sent by the remote host is
    SHA256:VzEhMh3aw2lqAsZSdLbYJAhwW4yIgUxCRotrMoWqzT9.
    Please contact your system administrator.
    Add correct host key in /home/user/.ssh/known_hosts to get rid of
this message.
    Offending ECDSA key in /home/user/.ssh/known_hosts:1
      remove with:
      ssh-keygen -f "/home/user/.ssh/known_hosts" -R "[host]:23"
    RSA host key for [host]:23 has changed and you have requested
strict checking.
    Host key verification failed.

I am expecting to get this warning, but the penultimate line sounds
wrong to
me. From the point of view of ssh, "RSA host key" shouldn't appear
changed; it
didn't know anything about it at all. In fact, the actual RSA key on
the 
server never changed. What changed was the type of key offered by the
server.

I think the error message should reflect that.

To reproduce, run

    /usr/sbin/sshd -ddd -p 23 -oHostKeyAlgorithms=ecdsa-sha2-nistp256

Connect to let ssh remember the key, then run

    /usr/sbin/sshd -ddd -p 23 -oHostKeyAlgorithms=rsa-sha2-256

Connect again and observe the error

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list