[X2Go-Dev] Bug#106: SSH Host Key Validation fails when ECDSA is already known
Christian Franke
admin at np.tl
Fri Jan 18 19:15:09 CET 2013
Package: x2goclient
Version: 4.0.0.1
I have a server to which I regularly use SSH. On one client system, I
used regular OpenSSH to connect to that server, accepting its ECDSA key
before ever connecting using x2goclient.
While I currently can ssh to that server without any problems using
ECDSA, when trying to connect with x2goclient, I get: "The host key for
this server was not found but an othertype of key exists. An attacker
might change the default server key to confuse your client into thinking
the key does not exist"
(nb: if I remember correctly x2goclient used to call regular OpenSSH,
now it seems to implement ssh by itself. I liked the former approach
much better since it allowed me to use SSH features like ControlMaster,
ProxyCommand etc. Also it avoids cat and mouse issues like this bug
seemingly originating from differing SSH Client feature sets)
More information about the x2go-dev
mailing list