Differences between revisions 34 and 37 (spanning 3 versions)
Revision 34 as of 2018-07-18 09:32:12
Size: 1311
Editor: misticat
Comment:
Revision 37 as of 2018-07-20 09:33:27
Size: 1727
Editor: maegger
Comment:
Deletions are marked like this. Additions are marked like this.
Line 11: Line 11:
Be aware that the . is not part of they key /!\ Be aware that the "." (dot) at the end of the fingerprint is not part of they key.
Line 23: Line 23:
On the top left there is a button to show or hide the SSH-Keys. These keys are saved in a file so the system can be authenticated as a "known host". Upon clicking "Yes" on your first connection to a server, the connection will be saved in that file.
Line 31: Line 33:

If come across this case please under no circumstances press yes and contact us immediately us at support@ee.ethz.ch

SSH Fingerprints Website

If you're connecting the first time to a SSH Server you will perhaps get an alert message. The fingerprint should also be shown right below the message.

Windows

alert.jpg

Linux

linux.jpg

/!\ Be aware that the "." (dot) at the end of the fingerprint is not part of they key.

The website

You can check if the fingerprint is correct with this website (https://ssh-fingerprints.ee.ethz.ch/).

The website contains the SSH fingerprints of every SSH server we manage.

Type in the hostname you want to connect to into the search bar on the top right corner of the website. The host with its fingerprint should now be shown in the table. Compare the fingerprint with the alert message. If it's the same fingerprint as shown then you can safely trust the connection.

On the top left there is a button to show or hide the SSH-Keys. These keys are saved in a file so the system can be authenticated as a "known host". Upon clicking "Yes" on your first connection to a server, the connection will be saved in that file.

There may be more than one ssh-key for one host. ssh-ed25519 has stronger encryption than ssh-rsa but ist not yet widely supported.

There also is a md5 and SHA256 version of every key. Windows uses the md5 and Linux the SHA256 one.

Example for bad connection

compare.png

As you can see the name and the IP address is the same but the ssh key is not. You should not only check the hostname and IP address but most importantly the fingerprint.

If come across this case please under no circumstances press yes and contact us immediately us at support@ee.ethz.ch

SshFingerprints (last edited 2023-10-16 13:35:16 by alders)