Assembla Support Forums

Jun 19, 2008 7:22am

Vitalie Lazu Administrator 514 post(s)

yesterday we updated sshd service on git.assembla.com server, if your public key was accepted till yesterday and after not, it means that you have a vulnerable ssh key, you should generate new one and submit to your profile. Do not forget after to synchronize your git tool ssh keys if you are owner of the space or ask one owner to do that.

logs from our server:

 Public key e4:50:41:d9:0d:00:72:93:81:f0:cd:3c:00:d2:8a:29 from x.x.x.x blacklisted (see ssh-vulnkey(1)) : 1 time(s)
 Public key 35:57:47:22:1c:7f:a6:cc:ca:8b:8e:bc:80:77:3e:03 from x.x.x.x blacklisted (see ssh-vulnkey(1)) : 2 time(s)
 Public key cc:57:fa:f4:dd:91:2e:82:80:c1:42:5f:57:18:e8:75 from x.x.x.x blacklisted (see ssh-vulnkey(1)) : 7 time(s)

Jun 21, 2008 9:59am

lasitha rana... 4 post(s)

Did this also include changing your server fingerprint?

I am getting the following warning when i try to connect:
WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
...
RSA host key for git.assembla.com has changed …

Or am i actually being attacked by a man-in-the-middle ?!

Cheers, lasitha.

Jun 21, 2008 10:15am

wolfie 7 post(s)

I’m getting the same message. I’ll wait for a confirmation on this issue before I’ll go and reset my rsa key for the git server

Jun 21, 2008 10:31am

Vitalie Lazu Administrator 514 post(s)

Yes, new ssh keys was generated .

New RSA key fingerprint for git.assembla.com server: 58:24:fc:ff:4c:c7:9d:eb:2f:a9:a4:f1:9f:3b:45:90
DSA key fingerprint is 67:68:f1:7e:a3:69:a5:a6:9d:b0:0e:3a:c0:4e:71:ac

Jun 21, 2008 10:56am

lasitha rana... 4 post(s)

Thanks for the speedy update!
Working fine now.

Jun 19, 2008 7:22am Vitalie Lazu Administrator 514 post(s)	yesterday we updated sshd service on git.assembla.com server, if your public key was accepted till yesterday and after not, it means that you have a vulnerable ssh key, you should generate new one and submit to your profile. Do not forget after to synchronize your git tool ssh keys if you are owner of the space or ask one owner to do that. logs from our server: Public key e4:50:41:d9:0d:00:72:93:81:f0:cd:3c:00:d2:8a:29 from x.x.x.x blacklisted (see ssh-vulnkey(1)) : 1 time(s) Public key 35:57:47:22:1c:7f:a6:cc:ca:8b:8e:bc:80:77:3e:03 from x.x.x.x blacklisted (see ssh-vulnkey(1)) : 2 time(s) Public key cc:57:fa:f4:dd:91:2e:82:80:c1:42:5f:57:18:e8:75 from x.x.x.x blacklisted (see ssh-vulnkey(1)) : 7 time(s)

Jun 21, 2008 9:59am lasitha rana... 4 post(s)	Did this also include changing your server fingerprint? I am getting the following warning when i try to connect: WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! ... RSA host key for git.assembla.com has changed … Or am i actually being attacked by a man-in-the-middle ?! Cheers, lasitha.

Jun 21, 2008 10:15am wolfie 7 post(s)	I’m getting the same message. I’ll wait for a confirmation on this issue before I’ll go and reset my rsa key for the git server

Jun 21, 2008 10:31am Vitalie Lazu Administrator 514 post(s)	Yes, new ssh keys was generated . New RSA key fingerprint for git.assembla.com server: 58:24:fc:ff:4c:c7:9d:eb:2f:a9:a4:f1:9f:3b:45:90 DSA key fingerprint is 67:68:f1:7e:a3:69:a5:a6:9d:b0:0e:3a:c0:4e:71:ac

Jun 21, 2008 10:56am lasitha rana... 4 post(s)	Thanks for the speedy update! Working fine now.

Git ssh keys