On Fri, 2012-02-17 at 14:41 +0100, newsgroups.mail2@stefanbaur.de wrote:
Hi list,
after swapping a server and trying to connect to it with X2Go, x2goclient greets me with
Authentification failed
Host key for server changed. It is now: xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx For security reasons, connection will be stopped
OK
In the same situation, the NX client would ask if the key should be updated.
I can see that offering such a direct option is a good idea from a usability viewpoint, but a bad one from a security viewpoint, as users tend to click yes/allow on every popup they see.
The current approach of x2goclient is the total opposite.
A moderately experienced Linux user might figure out that ssh-keygen -R <hostip> will help, but to a Windows user, this will be an unsolvable mystery.
I would like to suggest adding an option to remove/update the key from within the X2Go-Client. However, to avoid "user click-through", it should be somewhere in the menu, and the popup message should be amended with a note pointing to that menu. <snip> That's an interesting compromise :) - John