Skip to content

Troubleshooting

Brian J Best edited this page Dec 4, 2017 · 6 revisions

“Something Nasty” Error

You go to BlueSky connect to a computer and Terminal shows this:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
18:b2:85:13:11:45:f6:63:22:ac:de:9f:c2.
Please contact your system administrator.
Add correct host key in /Users/serveradmin/.ssh/known_hosts to get rid of this message.
Offending RSA key in /Users/serveradmin/.ssh/known_hosts:5
Password authentication is disabled to avoid man-in-the-middle attacks.
Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.
Port forwarding is disabled to avoid man-in-the-middle attacks.
Permission denied (publickey,keyboard-interactive).
Killed by signal 1.

That sounds ominous!!

SSH does this as a security measure to validate when connecting to a computer that you’ve previously shelled into. If this is happening on every BlueSky connection to any of your computers, it might be your server's keys. It’s probably not anything malicious but worth checking the keys in /etc/ssh on your server.

Far more likely is this: again assuming you’re not seeing this with every BlueSky connection then it’s probably just:

  • a computer that got its OS clean reinstalled
  • a BlueSky ID that used to be one computer but has been reassigned to a different computer

If you can verify either of these then look at this line in the error:

Offending RSA key in /Users/serveradmin/.ssh/known_hosts:5

That means to resolve this, on your own computer you can edit /Users/serveradmin/.ssh/known_hosts and delete the fifth line.

This validation can be disabled entirely if it is a regular problem for you. But it should be uncommon.

Having trouble with VNC, but connected fine with SSH?

Sometimes the screen sharing daemon on Mac has some difficulties (or sometimes is simply not configured). When that happens, you’ll be able to connect via SSH and do stuff on the command line, but doing any kind of screen sharing fails.

Try this on the command line and then attempt the VNC connection again:

sudo /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -configure -users -access -on -privs -all -allowAccessFor -allUsers -activate

The website is showing all check-ins as UTC not my local time zone

Log into your server and run dpkg-reconfigure tzdata That will allow you to set the time zone properly. Then reboot the server. On next check-in, the time stamps will display in your local time zone.