From: Filipp Gunbin <fgunbin@fastmail.fm>
To: 20246@debbugs.gnu.org
Subject: bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key
Date: Thu, 02 Apr 2015 17:10:03 +0300 [thread overview]
Message-ID: <m2twwyvcxw.fsf@fastmail.fm> (raw)
When I try to connect to a host and that host's key differs from what I
have in ~/.ssh/known_hosts Tramp does not handle that correctly.
SSH suspects an attack, but in my case it is not.
I suppose Tramp could show the full error message emitted by ssh.
Filipp
*Messages*:
Tramp: Opening connection for fgunbin@<myhost> using ssh...
Tramp: Sending command `exec ssh -l fgunbin -o ControlMaster=auto -o ControlPath='tramp.%C' -o ControlPersist=no -e none <myhost>'
Tramp: Waiting for prompts from remote shell...failed
Tramp: Opening connection for fgunbin@<myhost> using ssh...failed
tramp debug buffer:
16:58:00.853274 tramp-process-one-action (5) # Looking for regexp "\(\)\'" from remote shell
16:58:00.853332 tramp-process-one-action (5) # Call `tramp-action-process-alive'
16:58:00.853511 tramp-process-actions (6) #
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:<fingerprint>.
Please contact your system administrator.
Add correct host key in /Users/fgunbin/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /Users/fgunbin/.ssh/known_hosts:67
ECDSA host key for <myhost> has changed and you have requested strict checking.
Host key verification failed.
16:58:00.853619 tramp-process-sentinel (5) # Sentinel called: `#<process *tramp/ssh fgunbin@<myhost>*>' `exited abnormally with code 255
'
16:58:00.855144 tramp-process-actions (1) # File error: Tramp failed to connect. If this happens repeatedly, try
`M-x tramp-cleanup-this-connection'
16:58:00.855824 tramp-maybe-open-connection (3) # Opening connection for fgunbin@<myhost> using ssh...failed
16:58:00.858610 tramp-get-remote-perl (5) # Finding a suitable `perl' command
16:58:00.858762 tramp-file-name-handler (1) # Suppress received in operation (file-name-all-completions var /ssh:fgunbin@<myhost>:/)
16:58:00.861488 tramp-get-remote-perl (5) # Finding a suitable `perl' command
16:58:00.861661 tramp-file-name-handler (1) # Suppress received in operation (file-name-all-completions /ssh:fgunbin@<myhost>:/)
Usual bug-report stuff:
In GNU Emacs 25.0.50.1 (x86_64-apple-darwin14.1.0)
of 2015-03-12 on fgunbin.local
Repository revision: 2401274b239e837ec274b373ba0f2848faaea7b2
Configured using:
`configure --without-all --with-xml2 --without-x --with-wide-int'
Configured features:
LIBXML2
next reply other threads:[~2015-04-02 14:10 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-04-02 14:10 Filipp Gunbin [this message]
2015-04-03 10:05 ` bug#20246: 25.0.50; Tramp does not show correct error message when ssh refuses to connect to host due to changed host key Michael Albinus
2015-04-09 20:07 ` Filipp Gunbin
2015-04-10 14:38 ` Michael Albinus
2015-04-14 18:52 ` Filipp Gunbin
2015-04-16 14:30 ` Michael Albinus
2015-05-08 10:36 ` Filipp Gunbin
2022-01-24 16:12 ` Lars Ingebrigtsen
2022-02-22 1:05 ` Lars Ingebrigtsen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m2twwyvcxw.fsf@fastmail.fm \
--to=fgunbin@fastmail.fm \
--cc=20246@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).