When trying to connect to a system via ssh for the first time you will get a message that you need to trust the ssh fingerprint of that system.
How do you know if the fingerprint displayed is the correct one, or if there is a man in the middle attack going on?
If you have another terminal open on the system you have you can go to /etc/ssh and execute the following:
How do you know if the fingerprint displayed is the correct one, or if there is a man in the middle attack going on?
If you have another terminal open on the system you have you can go to /etc/ssh and execute the following:
for file in *sa_key.pub do ssh-keygen -lf $file done
This will diplay the ssh fingerprints valid for this system so you can double check them.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.