Warning – Potential security breach!

Advertisement

pshep123
Joined:
Posts:
2
Location:
New York

Warning – Potential security breach!

I realize this is not a new subject, but the previous post(s) I've seen on the subject didn't answer my specific problem. I'm hoping that this isn't a MitM attack, but it could be.

Error after the "Warning" is "The server's host key does not match the one WinSCP has in cache..." and I'm given the option to Update, Add, Skip, or Cancel. I did "Skip" two times and was able to get on to the server and everything looked fine, but I'm concerned that I'm passing sensitive information when I use that option.

For some more detail, my server is hosted on AWS with load balancers and an RSA key-pair. However, the error message states "The new ED25519 key details are:...". I'm no security expert, but I believe ED25519 is a completely different protocol from RSA, which makes me think there is something nefarious going on.

Any help would be appreciated.

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
38,408
Location:
Prague, Czechia

Re: Warning – Potential security breach!

I assume that the RSA key that you refer to is the one you authenticate with. That's different key than the host key.
See Understanding SSH Key Pairs.

If you have multiple SSH servers behind a load balancer, use Add button to cache keys of individual servers one-by-one.

Reply with quote

Advertisement

You can post new topics in this forum