[Novalug] Networking problem involving resolv.conf

Bonnie Dalzell bdalzell at qis.net
Fri Jul 27 10:39:04 EDT 2007 

recently my ISP changed how you access telnet/ssh.

Basically they turned telnet off.

Ok I know that is for security reasons.

The first time I tried to use ssh after these changes this is what I got:


@       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The RSA host key for shell.qis.net has changed,
and the key for the according IP address 209.150.96.20
is unknown. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle 
attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
3f:b8:f8:16:56:27:b8:bb:df:66:84:e6:6e:c5:15:d0.
Please contact your system administrator.

So I called help at my ISP and we looked in the resolv.conf file and 
found only the ip for my computer.

So i deleted that and put in the ip for qis.net shell.

Things worked that time. But when I turned the computer off and on again I 
got a connection refused error with ssh.

So I looked in resolv.conf and found the ip I had edited in was gone and 
the old ip for my computer was all that was there.

I also opened System>Administration>Networking>DNS>DNSServers

and added the shell.qis.net numeric ip to the list of dns servers.

but connection was still refused. so I deleted the contents of 
.ssh/known_hosts and saved it back as a blank document and then did
ssh -l user_name shell.qis.net

and I got

the question line

The authenticity of host '2**.***.***.***' (2**.***.***.***)
can't be established.
RSA key fingerprint is **:**:**:**:**:**:**:**:**:**:**:**:**:**:**:

Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 2**.***.***.*** (RSA) to the list of known 
hosts.

So I type yes and then I can do ssh

We have a sort of complex set up with a dsl modem which hooks up to a 
router. The router is then hardwired to my linux computer and also to the
Airport for the two macs.

Right now my computer defaults to the ip address that the router has for 
my computer when it tries to find a name server.

I hope I have described this properly.

any insight into how I can have the computer keep the setup that gets 
me online rether than reverting to my local ip would be welcome


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                        Bonnie Dalzell, MA
mail:5100 Hydes Rd ---- Hydes MD USA 21082-----EMAIL:bdalzell at qis.net

freelance anatomist, vertebrate paleontologist, writer, illustrator, dog
breeder, computer nerd & iconoclast... Borzoi info at www.borzois.com.

Editor Net.Pet Online Animal Magazine  - http://www.netpetmagazine.com
HOME http://www.qis.net/~borzoi/          BUSINESS http://www.batw.com

More information about the Novalug mailing list