Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SSH key code versus server key code
Special Forums Cybersecurity SSH key code versus server key code Post 302071119 by x96riley3 on Wednesday 12th of April 2006 11:57:26 AM
Old 04-12-2006
I think most people are not following what you need.

When you log into the remote server you are accepting the servers host key. This is done the first time you go there. The next time you go there, ssh will check to make sure the host key you accepted the first time is still the same host key. If it's not you will get a man-in-the-middle error. This says, "Hey, your host key doesn't match what I have for a host key. Either I somehow have a new host key or someone is trying to become the target server." If you trust the server, you accept the new host key which is stored locally for you. Once this has taken place you should be prompted to enter your passphrase.

Host keys are used to identify servers. Why? Cause someone could be performing a DOS attack against the real server. There could be IP spoofing of some sort going on. This helps prevent that.

Hope this helps.

-X
 

8 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Pressing backspace key simulates enter key

Hi, Whenever i press the backspace key, a new line appears, i.e. it works like a enter key. :confused: Thanks (2 Replies)
Discussion started by: vibhor_agarwali
2 Replies

2. AIX

SSH has this error: "server refused our key"

I did successful yestday as Porter's doc: 1. Create private/pub key on AIX: $ssh-keygen -t identity 2. Get my private key from the AIX server, found in $HOME/.ssh/identity Put that on Windows box. I use WinSCP to transfer private key from AIX to Windows 3. Run puttygen.exe and... (8 Replies)
Discussion started by: rainbow_bean
8 Replies

3. UNIX for Advanced & Expert Users

ssh key

Hi all, I have a sshkey which I use to connect from my unix box to a linux box without any issue...... however I downloaded this same key to my laptop and tried to connect to the same linux box but it failed..... As my laptop is running MS Vista I guessing I going have to convert it ...... (1 Reply)
Discussion started by: Zak
1 Replies

4. Programming

Is scan code of every key fixed in all keyboard

Hi everyone, Is scan code of every key fixed in all keyboard or different keyboard has different scan code for every key? Thank you in advance! (2 Replies)
Discussion started by: liuyan03
2 Replies

5. Shell Programming and Scripting

Generate Public Key when the server is not ssh enabled

I am writing a script that needs to access various servers some of which are not ssh enabled. In order to access the ssh enabled servers I am using the following command to generate the public key : ssh-keygen -t rsa Is there a similar command for the other servers as well. If I try to use... (1 Reply)
Discussion started by: ravneet123
1 Replies

6. Shell Programming and Scripting

Using ssh to add register key on ssh server

Hi, I want to use ssh to add a register key on remote ssh server. Since there are space characters in my register key string, it always failed. If there is no space characters in the string, it worked fine. The following is what I have tried. It seems that "ssh" command doesn't care about double... (9 Replies)
Discussion started by: leaftree
9 Replies

7. Solaris

Solaris 8 ssh public key authentication issue - Server refused our key

Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks. ... (1 Reply)
Discussion started by: aixlover
1 Replies

8. Shell Programming and Scripting

Need Help ssh key fail on remote server

Hello everyone, I need some help writing a bash script to: 1. ssh from a jumpserver to 50 remote servers logging in automatically using ssh keys and capture if zabbix is running by running a "ps -ef | grep zabbix" and output to a logfile capturing the server hostname and ps -ef output to... (2 Replies)
Discussion started by: vtowntechy
2 Replies

LEARN ABOUT DEBIAN

libssh2_knownhost_checkp

libssh2_knownhost_check(3)					  libssh2 manual					libssh2_knownhost_check(3)

NAME

       libssh2_knownhost_checkp - check a host+key against the list of known hosts

SYNOPSIS

       #include <libssh2.h>

       int libssh2_knownhost_checkp(LIBSSH2_KNOWNHOSTS *hosts,
				    const char *host, int port,
				    const char *key, size_t keylen,
				    int typemask,
				    struct libssh2_knownhost **knownhost);

DESCRIPTION

       Checks a host and its associated key against the collection of known hosts, and returns info back about the (partially) matched entry.

       host is a pointer the host name in plain text. The host name can be the IP numerical address of the host or the full name.

       port  is the port number used by the host (or a negative number to check the generic host). If the port number is given, libssh2 will check
       the key for the specific host + port number combination in addition to the plain host name only check.

       key is a pointer to the key for the given host.

       keylen is the total size in bytes of the key pointed to by the key argument

       typemask is a bitmask that specifies format and info about the data passed to this function. Specificly, it details what  format  the  host
       name is, what format the key is and what key type it is.

       The host name is given as one of the following types: LIBSSH2_KNOWNHOST_TYPE_PLAIN or LIBSSH2_KNOWNHOST_TYPE_CUSTOM.

       The key is encoded using one of the following encodings: LIBSSH2_KNOWNHOST_KEYENC_RAW or LIBSSH2_KNOWNHOST_KEYENC_BASE64.

       knownhost  if  set  to  non-NULL, it must be a pointer to a 'struct libssh2_knownhost' pointer that gets filled in to point to info about a
       known host that matches or partially matches.

RETURN VALUE

       libssh2_knownhost_check(3) returns info about how well the provided host + key pair matched one of the entries in the list of known hosts.

       LIBSSH2_KNOWNHOST_CHECK_FAILURE - something prevented the check to be made

       LIBSSH2_KNOWNHOST_CHECK_NOTFOUND - no host match was found

       LIBSSH2_KNOWNHOST_CHECK_MATCH - hosts and keys match.

       LIBSSH2_KNOWNHOST_CHECK_MISMATCH - host was found, but the keys didn't match!

AVAILABILITY

       Added in libssh2 1.2.6

EXAMPLE

       See the ssh2_exec.c example as provided in the tarball.

SEE ALSO

       libssh2_knownhost_init(3) libssh2_knownhost_free(3) libssh2_knownhost_add(3)

libssh2 1.2.6							    1 May 2010						libssh2_knownhost_check(3)
All times are GMT -4. The time now is 11:01 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy