ssl_fingerprint
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
ssl_fingerprint [2016/05/06 10:31] – luke7858 | ssl_fingerprint [2024/05/23 07:26] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 24: | Line 24: | ||
<sxh bash> | <sxh bash> | ||
The authenticity of host ' | The authenticity of host ' | ||
- | RSA key fingerprint is 59: | + | RSA key fingerprint is 59: |
Are you sure you want to continue connecting (yes/ | Are you sure you want to continue connecting (yes/ | ||
</ | </ | ||
+ | This ' | ||
\\ | \\ | ||
\\ | \\ | ||
- | Now its worth noting, if you are very strict about security then it would be worth retreiving the following information BEFORE sshing to the device for the first time. | ||
\\ | \\ | ||
- | If you now run the following | + | Now its worth noting, if you are very strict about security then it would be worth retrieving |
+ | \\ | ||
+ | \\ | ||
+ | If you wish to obtain the fingerprint before connecting to a device then you should | ||
<sxh bash> | <sxh bash> | ||
cd /etc/ssh | cd /etc/ssh | ||
Line 44: | Line 46: | ||
2048 59: | 2048 59: | ||
</ | </ | ||
+ | You can now compare the two when first sshing to the device. | ||
\\ | \\ | ||
+ | |||
\\ | \\ | ||
== .ssh/ | == .ssh/ | ||
- | Its worth noting that your server stores a FULL copy of the target devices public key in the file known_hosts | + | Your server stores a FULL copy of the target devices public key in the file known_hosts, along with its IP. |
\\ | \\ | ||
The fingerprint hash is for the use of humans so that its easier to compare fingerprints rather than trying to compare full private keys quickly. | The fingerprint hash is for the use of humans so that its easier to compare fingerprints rather than trying to compare full private keys quickly. | ||
Line 62: | Line 66: | ||
\\ | \\ | ||
== Fingerprint Changed == | == Fingerprint Changed == | ||
+ | Below is an example output when a devices public key has changed. If you receive the following warning and you believe the target device has NOT been re-installed/ | ||
<sxh bash> | <sxh bash> | ||
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ | @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ |
ssl_fingerprint.1462530682.txt.gz · Last modified: 2024/05/23 07:26 (external edit)