[asterisk-dev] gerrit.asterisk.org upgrade scheduled for Friday, May 28 1200Z
George Joseph
gjoseph at sangoma.com
Fri May 21 08:38:41 CDT 2021
If you are a contributor and have cloned any of the repositories from
gerrit.asterisk.org using an ssh URI like ssh://<username>@
gerrit.asterisk.org:29418, read on. Otherwise you can skip this message.
Normally we don't announce Gerrit upgrades because they usually don't
impact community developers but this one's a bit different. Back in 2015
when we commissioned the Asterisk Gerrit instance, we generated the SSH
host key with an algorithm and length that was appropriate at that time.
That algorithm/key length combination is no longer considered secure
however, and the latest version of Gerrit (3.4.0) doesn't support it. In
fact, the upgrade process automatically regenerates the key to one with a
stronger algorithm and length.
So, how does this affect you? The first time you perform a git action
that needs to contact gerrit.asterisk.org after it's been upgraded, you'll
probably get an error or warning like so...
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
> @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
> IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
> Someone could be eavesdropping on you right now (man-in-the-middle attack)!
> It is also possible that a host key has just been changed.
> ...
> Offending RSA key in /home/<username>/.ssh/known_hosts:nn
> ...
All you have to do to continue is remove the old host key from your
known_hosts file and retry the git command.
Just wanted to give you a heads up.
--
George Joseph
Asterisk Software Developer
Check us out at www.sangoma.com and www.asterisk.org
[image: image.png]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20210521/74d2de7a/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 5142 bytes
Desc: not available
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20210521/74d2de7a/attachment.png>
More information about the asterisk-dev
mailing list