Friday, August 17, 2007

Gnome Nautilus SSH fails when hostkey changed

Today I tried to upload some files to my server via Nautilus. Months ago I created an SSH connection to my home folder via the "Places - Connect to Server" option on the main menu. It allows you transparently use SSH via the graphical user interface.

However for some reason trying to double click the desktop connection just did not do anything at all. Selecting the entry in an open file manager windows led to a confusing error message:

Nautilus cannot display "ssh://".
Please select another viewer and try again.

Another connection, set up via WebDAV worked without problems. It occurred to me that this might have something to do with the recent crash of the server which made it necessary to set it up freshly. This of course included the generation of a new SSH host key. Trying to connect via the command line confirmed this:

ds@yavin:~$ ssh
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
Please contact your system administrator.
Add correct host key in /home/ds/.ssh/known_hosts to get rid of this message.
Offending key in /home/ds/.ssh/known_hosts:1
RSA host key for has changed and you have requested strict checking.
Host key verification failed.

Turns out that Nautilus fails for the same reason. Once I had edited the .ssh/known_hosts file and replaced the old key with the current one, the connection worked again.

There is a Ubuntu Bug (#41738) entry as well as a Gnome upstream report (#322501) describing this. However as this is rated as a low priority bug and has been known since Gnome 2.14 I do not expect it to be fixed very soon, so I thought it was worth noting here.

1 comment:

Hellboi said...

Ah.. Thank you. I had a similar issue when my Virtualbox turnkey installation of Wordpress failed in Ubuntu and I had to reinstall.
I wasn't sure of the new key @ home/me/.ssh/ known_hosts

Just deleting the old key then trying to connect again with Nautilus did the trick. It just asks for permission then updates the key by itself.

Thanks again.