Shell/Fingerprints und Hausmeister: Unterschied zwischen den Seiten
(Unterschied zwischen Seiten)
Zur Navigation springen
Zur Suche springen
imported>Matthias.neumann (Änderung 971 von Matthias.neumann (Diskussion) rückgängig gemacht.) |
imported>Burghardt |
||
| Zeile 1: | Zeile 1: | ||
| + | Generelle Ansprechparter bei Problemen mit dem Gebäude sind die Hausmeister. Insbesondere gilt das auch bei: |
||
| − | __NOTOC__ |
||
| + | * Stromausfall - den Raum mit den Sicherungen können ''nur'' die Hausmeister (bzw. die Elektotechniker) betreten |
||
| − | * Back to [[Shell]] |
||
| + | * ... |
||
| + | {| class="wikitable sortable" |
||
| + | !Name || Rufnummer || Handy |
||
| + | |- |
||
| + | |Nolte || 19781 || *3919781 |
||
| + | |- |
||
| + | |Stein || 79091 || *3979091 |
||
| + | |- |
||
| + | |Rudolph|| 8004 || *398004 |
||
| + | |- |
||
| + | |} |
||
| + | |||
| + | * '''Meldung von Störungen''' bitte ''erst'' an den Hausmeister, nur in Notfällen an die Störmeldezentrale 1171 |
||
| + | === Andere === |
||
| − | While older ssh-versions relied on [[MD5]] (Message Digest number five) for generating a fingerprint this is considered "unsafe" for some time now. The current implementation uses [[SHA256]] by default. |
||
| + | * Gwdg: support@gwdg.de -- 201-1523 |
||
| + | [[Kategorie:IfI]] |
||
| − | == Current fingerprints as of April 2017 == |
||
| − | |||
| − | === Older Servers === |
||
| − | Included in [[debian]] [[Jessie]], [[Ubuntu]] [[Trusty]] and others. Used ''prior April 10th'' in <tt>login</tt>, <tt>shell</tt> and all pool workstations: |
||
| − | <pre> |
||
| − | ~$ lsb_release -d; for F in /etc/ssh/*.pub ; do echo -e "\n$F:"; ssh-keygen -l -f $F; done |
||
| − | Description: Ubuntu 14.04.5 LTS |
||
| − | |||
| − | /etc/ssh/ssh_host_ecdsa.pub: |
||
| − | 256 07:84:c9:e1:59:4f:03:75:69:b1:e4:d0:b4:1f:9a:cd root@nfsadm (ECDSA) |
||
| − | |||
| − | /etc/ssh/ssh_host_ed25519_key.pub: |
||
| − | 256 93:11:29:c4:a2:03:e1:2d:b1:82:05:74:dd:a5:3b:9a root@nfsadm (ED25519) |
||
| − | |||
| − | /etc/ssh/ssh_host_rsa_key.pub: |
||
| − | 2048 de:db:6e:72:52:de:30:73:db:bb:6e:79:df:f9:2c:0d root@nfsadm (RSA) |
||
| − | </pre> |
||
| − | |||
| − | === Newer Servers === |
||
| − | Included in debian [[Stretch]], Ubuntu [[Xenial]] and others. ''Currently used'' in <tt>login</tt>, <tt>shell</tt> and all pool workstations: |
||
| − | <pre> |
||
| − | ~$ lsb_release -d; for F in /etc/ssh/*.pub ; do echo -e "\n$F:"; ssh-keygen -l -f $F; done |
||
| − | Description: Ubuntu 16.04.2 LTS |
||
| − | |||
| − | /etc/ssh/ssh_host_dsa_key.pub: |
||
| − | 1024 SHA256:OpBcTf2pc3p3oUXKZvJ2773TULj6lskxYI/INZvLes8 root@c043 (DSA) |
||
| − | |||
| − | /etc/ssh/ssh_host_ecdsa_key.pub: |
||
| − | 256 SHA256:IN1YJYjBWzm1irujENh5KVB6RxqXBGbvIT6WrGv++fw root@nfs (ECDSA) |
||
| − | |||
| − | /etc/ssh/ssh_host_ed25519_key.pub: |
||
| − | 256 SHA256:P/gxfKUFA/5Gf9v5GOGQhcV3TgNzt9wS+moCKFjlUpo root@c009 (ED25519) |
||
| − | |||
| − | /etc/ssh/ssh_host_rsa_key.pub: |
||
| − | 1024 SHA256:f7orU3tn+mVuMlv/CjnfJOF8dr4/VhPhZMtSirMIndQ root@c043 (RSA) |
||
| − | </pre> |
||
| − | |||
| − | If you are using an old client you need to check the deprecated MD5 checksum: |
||
| − | <pre> |
||
| − | ~$ lsb_release -d; for F in /etc/ssh/*.pub ; do echo -e "\n$F:"; ssh-keygen -l -E MD5 -f $F; done |
||
| − | Description: Ubuntu 16.04.2 LTS |
||
| − | |||
| − | /etc/ssh/ssh_host_dsa_key.pub: |
||
| − | 1024 MD5:c0:e6:ac:3f:62:4c:4e:dc:cc:68:66:45:83:f2:23:9a root@c043 (DSA) |
||
| − | |||
| − | /etc/ssh/ssh_host_ecdsa_key.pub: |
||
| − | 256 MD5:1a:04:8e:f5:7e:e6:44:6a:a8:1f:b7:f0:8c:40:f8:ff root@nfs (ECDSA) |
||
| − | |||
| − | /etc/ssh/ssh_host_ed25519_key.pub: |
||
| − | 256 MD5:c5:fb:87:6c:78:29:32:90:ea:3d:3c:0d:9b:2c:83:bd root@c009 (ED25519) |
||
| − | |||
| − | /etc/ssh/ssh_host_rsa_key.pub: |
||
| − | 1024 MD5:c6:82:13:00:60:c5:70:a7:60:6b:09:8d:c7:0b:b3:06 root@c043 (RSA) |
||
| − | </pre> |
||
| − | |||
| − | == Actually compare a fingerprint when establishing a session == |
||
| − | As a client you need to verify the actually used key/fingerprint to those documented above. Depending on old/new implementations the exact behavior and output might be different: |
||
| − | |||
| − | === Using an '''older''' client === |
||
| − | * connecting to an '''old''' server |
||
| − | ~$ ssh -o VisualHostKey=yes shell.informatik.uni-goettingen.de |
||
| − | Host key fingerprint is 07:84:c9:e1:59:4f:03:75:69:b1:e4:d0:b4:1f:9a:cd |
||
| − | |||
| − | * connecting to a '''newer''' server |
||
| − | ~$ ssh -o VisualHostKey=yes newerserverinstance.informatik.uni-goettingen |
||
| − | Host key fingerprint is 1a:04:8e:f5:7e:e6:44:6a:a8:1f:b7:f0:8c:40:f8:ff |
||
| − | |||
| − | |||
| − | === Using a '''newer''' client === |
||
| − | * connecting to an '''old''' server |
||
| − | ~$ ssh -o VisualHostKey=yes shell.informatik.uni-goettingen.de |
||
| − | Host key fingerprint is SHA256:L+FCMj2bm8x/BfR8AdaaLnqTmFD35D0EYNlFG7a2dt8 |
||
| − | |||
| − | * connecting to an '''old''' server |
||
| − | ~$ ssh -o VisualHostKey=yes -o fingerprinthash=md5 shell.informatik.uni-goettingen.de |
||
| − | Host key fingerprint is MD5:07:84:c9:e1:59:4f:03:75:69:b1:e4:d0:b4:1f:9a:cd |
||
| − | |||
| − | * connecting to a '''newer''' server |
||
| − | ~$ ssh -o VisualHostKey=yes localhost |
||
| − | Host key fingerprint is SHA256:IN1YJYjBWzm1irujENh5KVB6RxqXBGbvIT6WrGv++fw |
||
| − | |||
| − | |||
| − | == See also == |
||
| − | * [[Shell]] |
||
Version vom 29. Juni 2017, 11:27 Uhr
Generelle Ansprechparter bei Problemen mit dem Gebäude sind die Hausmeister. Insbesondere gilt das auch bei:
- Stromausfall - den Raum mit den Sicherungen können nur die Hausmeister (bzw. die Elektotechniker) betreten
- ...
| Name | Rufnummer | Handy |
|---|---|---|
| Nolte | 19781 | *3919781 |
| Stein | 79091 | *3979091 |
| Rudolph | 8004 | *398004 |
- Meldung von Störungen bitte erst an den Hausmeister, nur in Notfällen an die Störmeldezentrale 1171
Andere
- Gwdg: support@gwdg.de -- 201-1523