Key authenticity warning suggestion
Ben FrantzDale
bfrantzdale at hmc.edu
Tue Aug 26 02:56:54 EST 2003
On Mon, 2003-08-25 at 09:26, Darren J Moffat wrote:
> On Mon, 25 Aug 2003, Ben FrantzDale wrote:
> > ...
> > What do you think?
>
> That assumes that the remote machine is also running OpenSSH, which may
> not be the case. It is also making assumptions about the location and
> name of the host key (which is configurable in OpenSSH and other
> implementations).
That is true. I would guess that the people who would bother checking
would probably be able to figure it out. In the interest of correctness,
the message could say
If you have access to '192.168.0.123' and it runs OpenSSH, you
may be able to run ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key
on it to verify this key fingerprint.
However it might be phrased, even the clue that ssh-keygen -l -f is a
likely way to check would be extremely helpful.
--Ben
More information about the openssh-unix-dev
mailing list