From 79241e7c6597a190cd075278e4b5372057c1c8ac Mon Sep 17 00:00:00 2001 From: gStart9 <106188942+gStart9@users.noreply.github.com> Date: Tue, 23 Jan 2024 16:44:31 +0000 Subject: [PATCH] Fix/add ssh tofu warning (#589) * Add SSH pubkey warning on first ssh connection * Clarify instructions --- site/source/user-manual/ssh.rst | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/site/source/user-manual/ssh.rst b/site/source/user-manual/ssh.rst index 8e9891f..79b173c 100644 --- a/site/source/user-manual/ssh.rst +++ b/site/source/user-manual/ssh.rst @@ -100,7 +100,20 @@ Connecting via CLI Replacing ```` with your server's LAN (``.local``) address -.. note:: If you get a scary looking warning that says something like "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!" - fear not! This is most likely happening because you have recently reflashed or did an update from pre-v0.3.3, which would cause a change in the key for your device's hostname (e.g. `xxxxxxxx.local`) or IP address (e.g. `192.168.1.x`). The solution is to delete the existing entry from your `known_hosts` file, which is typically located at `~/.ssh/known_hosts`. This will be specified in the warning, along with a helpful line number (in case your file is lengthy). +.. note:: + The first time you connect, you will see something like this: + + ``The authenticity of host 'pregame-margin.local (192.168.1.175)' can't be established.`` + + ``ED25519 key fingerprint is SHA256:BgYhzyIDbshm3annI1cfySd8C4/lh6Gfk2Oi3FdIVAa.`` + + ``This key is not known by any other names.`` + + ``Are you sure you want to continue connecting (yes/no/[fingerprint])?`` + + Type ``yes`` and hit Enter to start trusting the server's SSH public key. + + If you get a scary looking warning that says something like ``WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!`` - fear not! This is most likely happening because you have recently reflashed or did an update from pre-v0.3.3, which would cause a change in the key for your device's hostname (e.g. `xxxxxxxx.local`) or IP address (e.g. `192.168.1.x`). The solution is to delete the existing entry from your `known_hosts` file, which is typically located at `~/.ssh/known_hosts`. This will be specified in the warning, along with a helpful line number (in case your file is lengthy). Connecting via PuTTY on Windows -------------------------------