Shell/Fingerprints

Aus Doc-Wiki
Version vom 2. Oktober 2017, 12:46 Uhr von imported>Burghardt
Zur Navigation springen Zur Suche springen

To verify a fingerprint you need to know the correct one. These to-be-verified correct fingerprints can be shown after you're logged in on the target server. Of course this is a classic chicken-and-egg problem situation. You need to get the correct fingerprints through an independent communication channel in beforehand. In our case that is the list below:

Current fingerprints as of October 2017

  • md5 is deprecated but better than nothing:
~$ for F in /etc/dxs/shellX-ssh/*.pub ; do  echo -e "\n$F:"; ssh-keygen -l -E md5  -f $F; done

/etc/dxs/shellX-ssh/ssh_host_ecdsa.pub:
256 MD5:07:84:c9:e1:59:4f:03:75:69:b1:e4:d0:b4:1f:9a:cd root@nfsadm (ECDSA)

/etc/dxs/shellX-ssh/ssh_host_ed25519_key.pub:
256 MD5:93:11:29:c4:a2:03:e1:2d:b1:82:05:74:dd:a5:3b:9a root@nfsadm (ED25519)

/etc/dxs/shellX-ssh/ssh_host_rsa_key.pub:
2048 MD5:de:db:6e:72:52:de:30:73:db:bb:6e:79:df:f9:2c:0d root@nfsadm (RSA)
  • sha256:
~$ for F in /etc/dxs/shellX-ssh/*.pub ; do  echo -e "\n$F:"; ssh-keygen -l -E sha256  -f $F; done

/etc/dxs/shellX-ssh/ssh_host_ecdsa.pub:
256 SHA256:L+FCMj2bm8x/BfR8AdaaLnqTmFD35D0EYNlFG7a2dt8 root@nfsadm (ECDSA)

/etc/dxs/shellX-ssh/ssh_host_ed25519_key.pub:
256 SHA256:H4FLNG2aNYRZ3jxepIx5E0s0a2ZvtZbbmVLt56b+nK0 root@nfsadm (ED25519)

/etc/dxs/shellX-ssh/ssh_host_rsa_key.pub:
2048 SHA256:DpP5/EfbApVUwseVeQOVpAFvGiZIJmYmjUyC4Cnuatk root@nfsadm (RSA)


Actually compare a fingerprint when establishing a session



See also