Swarthmore College Department of Computer Science

new host ssh keys for some lab machines

We are trying to set up a new service such that you can do this: 

      ssh cslab.cs.swarthmore.edu
and you will connect to the "best available" cs lab machine.

In order for this to work, all machines that are part of the cslab "alias" will need to have the same ssh host key. Otherwise, ssh would complain each time you log in to cslab.cs.swarthmore.edu and it chooses a different machine (e.g., one time you may ssh to cslab and get onion and the next time you might get lemon.cs.swarthmore.edu).

Over the summer (2011), as we upgrade machines to ubuntu natty (11.04), I will be changing some lab machines to have the same ssh host keys. If you get the ssh warning (WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!), that means you have an old ssh key stored somewhere. You should delete the old key and accept the new key. The new ssh host key should have one of the following fingerprints: 

1024 e2:f5:5c:b1:b8:5d:98:4d:99:34:c5:29:56:e1:95:67 ssh_host_rsa_key.pub (RSA)
1024 72:14:44:36:46:fc:e7:3b:b3:31:7e:6f:c7:f6:67:09 ssh_host_dsa_key.pub (DSA)

How to delete an old ssh key

Open up /home/yourusername/.ssh/known_hosts2 and/or known_hosts in your favorite text editor and delete the "offending" lines. For example, in this case: 

Offending key in /home/john/.ssh/known_hosts2:195
user john needs to delete line 195 from the known_hosts2 file.

Machines I think will have their ssh host key changed

butter
carrot
chicory
cilantro
cinnamon
coriander
cornstarch
cream
elderberry
mace
milk
mushroom
nutmeg
pepper
saffron
salt
tarragon
vinegar
wasabi

If you have any questions about this, please email local-staff.