Fix FreeRDP remote host identification has changed

When connecting to multiple Windows PCs using SSH port forwarding, you might get error:

The host key for localhost has changed
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.

While you must consider the security implications of this option for yourself, you can include the

/cert-ignore

option in the freerdp command to bypass this error message.

Since the SSH server and RDP are both on the same Windows PC, the man-in-the-middle check may be somewhat less likely to be needed.

Example

  • Remote PC IP: 1.2.3.4
  • Remote PC SSH port: 22 (open TCP firewall)
  • Remote PC RDP port: 3389 (blocked by remote PC firewall)
#!/bin/sh
ssh -f -p 22 -L 3391:localhost:3389 joe@1.2.3.4 sleep 1;
xfreerdp /cert-ignore /u:joe /v:localhost:3391

Tags:

Categories:

Written by Michael Hirsch, Ph.D. //

Comments