Date: Thu, 4 Jan 2001 10:45:35 -0600 From: David Kelly <dkelly@hiwaay.net> To: Dima Dorfman <dima@unixfreak.org> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: fingerprint of ssh host pubic key? Message-ID: <20010104104535.B20623@grumpy.dyndns.org> In-Reply-To: <20010104063225.12A513E02@bazooka.unixfreak.org>; from dima@unixfreak.org on Wed, Jan 03, 2001 at 10:32:20PM -0800 References: <dkelly@HiWAAY.net> <20010104063225.12A513E02@bazooka.unixfreak.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jan 03, 2001 at 10:32:20PM -0800, Dima Dorfman wrote: > > When connecting via ssh to a host for the first time, ssh has the gaul > > to ask me if an "RSA key fingerprint ..." is correct. Well, duh, how am > > I supposed to know? I think I'm connecting to my own machine. Just how > > might I determine the fingerprint in advance? > > `ssh-keygen -lf /etc/ssh/ssh_host_key.pub` will produce something like: > > 1024 6f:79:c5:5a:2f:72:5b:ef:a5:fe:b4:e9:59:43:41:80 root@hornet.unixfreak.org > > The second word is what the ssh client displays when you first connect > to somthing. Obviously, the above command assumes that your ssh host > key lives in /etc/ssh (which is the default). Ah! Wonderful! That's exactly want I wanted. Works pretty good on ~/.ssh/known-hosts too. Now to study the man page for ssh-keygen to see if I can understand why I couldn't figure that out for myself. -- David Kelly N4HHE, dkelly@hiwaay.net ===================================================================== The human mind ordinarily operates at only ten percent of its capacity -- the rest is overhead for the operating system. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010104104535.B20623>