HOST key Changed after Factory reset 10 second hold

Routers
1

Gi v2 750 060k device issue.

Out of the box it worked, used online code messed it up, Factory reset, now, Can not access the router and all command to upgrade the ssh keys and reset by terminal are not working. Used the interface for resets as well. Can not get past this notification:

~ % ssh [email protected]

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!

Someone could be eavesdropping on you right now (man-in-the-middle attack)!

It is also possible that a host key has just been changed.

The fingerprint for the ED25519 key sent by the remote host is

SHA256:zPw+tX+tsU7fAPbLtWPP1MBiRYxBOAizIWo3dzg3c44.

Please contact your system administrator.

Add correct host key in /Users/y/.ssh/known_hosts to get rid of this message.

Offending ED25519 key in /Users/y/.ssh/known_hosts:1

Host key for 192.168.8.1 has changed and you have requested strict checking.

Host key verification failed.

Help would be appreciated

2

You only need to delete the first line in /Users/y/.ssh/known_hosts
Or you can delete the whole file, if you don't know how to do so.

1 Like
4

I ended up using ssh-keygen -R 192.168.8.1

I have another question:
seems the 4.3.26 does not allow blue merle to function properly restricting some of the security features. though i did see that, upon rebooting, was changing the imei without blue merle on it. Have they upgraded the firmware to reflect the security vulnerabilities highlighted by SR labs ?

Key points:

  1. IMEI changer
    On rebooting of MUDI v2 the imei has been changing confirming on the terminal prompt; i assume this has been addressed?

  2. BSSID and WAN MAC address randomization

  3. MAC address log wiper

The last 2 - any update?

5

@bruce

1 Like
6

Hello,

Please refer to this post:

7

Alright I followed what you did and it seemed to work by removing the key.. But then upon trying to connect again I got this denial. What am I doing wrong?

PS C:\Users\drkni> ssh-keygen -R 192.168.8.1

Host 192.168.8.1 found: line 1

C:\Users\drkni/.ssh/known_hosts updated.
Original contents retained as C:\Users\drkni/.ssh/known_hosts.old
PS C:\Users\drkni> ssh [email protected]
The authenticity of host '192.168.8.1 (192.168.8.1)' can't be established.
ED25519 key fingerprint is SHA256:rGQDbpQX8YNendaTbqfIU9bEb7DV/BuVyOvisqlu3PA.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.8.1' (ED25519) to the list of known hosts.
[email protected]: Permission denied (publickey).

8

I deleted the file with the known hosts in the ssh folder.

I get to this now upon trying to connect:

PS C:\Users\drkni> ssh 192.168.8.1
The authenticity of host '192.168.8.1 (192.168.8.1)' can't be established.
ED25519 key fingerprint is SHA256:rGQDbpQX8YNendaTbqfIU9bEb7DV/BuVyOvisqlu3PA.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? Yes

Warning: Permanently added '192.168.8.1' (ED25519) to the list of known hosts.
[email protected]'s password:

I try entering the password I had originally used but it does not recognize it. What can I do to remove this and get it all reset?

9

Alright I finally figured it out and was able to remove the password and the key etc.

Got to here:

PS C:\Users\drkni> ssh-keygen -p

Enter file in which the key is (C:\Users\drkni/.ssh/id_ed25519): C:\Users\drkni.ssh\id_ed25519

Key has comment 'drkni@Nova'

Enter new passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved with the new passphrase.

PS C:\Users\drkni> ssh 192.168.8.1

ssh: connect to host 192.168.8.1 port 22: Connection refused

PS C:\Users\drkni> Fuck my life.. lol. This is so irritating, not sure why connection is being refused now. Taking a break… any suggestions would be appreciated before I just RMA this thing lol.

EDIT: Got it working! Just waited a bit longer after clearing the password then attempted to login as [email protected] and it worked just fine. Solved :slight_smile: