Ssh-fingerprints: Difference between revisions

Jump to navigation Jump to search

Ssh-fingerprints (view source)

Revision as of 07:34, 12 August 2024

12 bytes added ,  12 August 2024
no edit summary
No edit summary
No edit summary
 
Line 8: Line 8:


On the initial host:
On the initial host:
root@screwdriver:~# ssh scorpion
root@screwdriver:~# ssh scorpion
The authenticity of host 'scorpion (<no hostip for proxy command>)' can't be established.
The authenticity of host 'scorpion (<no hostip for proxy command>)' can't be established.
ED25519 key fingerprint is SHA256:sjf89wi3rnwlkefn(IA(S*HANFlhfalknfsdfsadjfh.
ED25519 key fingerprint is SHA256:sjf89wi3rnwlkefn(IA(S*HANFlhfalknfsdfsadjfh.
This key is not known by any other names.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])?
Are you sure you want to continue connecting (yes/no/[fingerprint])?


On the target host:
On the target host:
root@scorpion:~# ssh-keyscan scorpion | ssh-keygen -lf -
root@scorpion:~# ssh-keyscan scorpion | ssh-keygen -lf -
\# scorpion:22 SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u3
\# scorpion:22 SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u3
256 SHA256:lklsjdfsd8fd8*SDHANNAoaiodfnslakkfndsldkfn scorpion (ECDSA)
256 SHA256:lklsjdfsd8fd8*SDHANNAoaiodfnslakkfndsldkfn scorpion (ECDSA)
3072 SHA256:LKSdfjsi878sijn3lAUHUI&*GNSLFSadhofsnlka scorpion (RSA)
3072 SHA256:LKSdfjsi878sijn3lAUHUI&*GNSLFSadhofsnlka scorpion (RSA)
256 SHA256:sjf89wi3rnwlkefn(IA(S*HANFlhfalknfsdfsadjfh scorpion (ED25519)
256 SHA256:sjf89wi3rnwlkefn(IA(S*HANFlhfalknfsdfsadjfh scorpion (ED25519)


Here, the algorithm is defined by the inital host as 'ED25519', and on the target host you match the fingerprint to the fingerprint on the line with the same algorithm name in braces, so '(ED25519)' in this case.
Here, the algorithm is defined by the inital host as 'ED25519', and on the target host you match the fingerprint to the fingerprint on the line with the same algorithm name in braces, so '(ED25519)' in this case.


The fingerprints match, so you can accept the fingerprint on the initial host. If they do not match, do NOT accept, as your connection could be intercepted.
The fingerprints match, so you can accept the fingerprint on the initial host. If they do not match, do NOT accept, as your connection could be intercepted.
Dortund
116

edits

Retrieved from "https://docs.delftsolutions.nl/wiki/Special:MobileDiff/422"

Navigation menu