Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SSH key code versus server key code
Special Forums Cybersecurity SSH key code versus server key code Post 302071119 by x96riley3 on Wednesday 12th of April 2006 11:57:26 AM
Old 04-12-2006
I think most people are not following what you need.

When you log into the remote server you are accepting the servers host key. This is done the first time you go there. The next time you go there, ssh will check to make sure the host key you accepted the first time is still the same host key. If it's not you will get a man-in-the-middle error. This says, "Hey, your host key doesn't match what I have for a host key. Either I somehow have a new host key or someone is trying to become the target server." If you trust the server, you accept the new host key which is stored locally for you. Once this has taken place you should be prompted to enter your passphrase.

Host keys are used to identify servers. Why? Cause someone could be performing a DOS attack against the real server. There could be IP spoofing of some sort going on. This helps prevent that.

Hope this helps.

-X
 

8 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Pressing backspace key simulates enter key

Hi, Whenever i press the backspace key, a new line appears, i.e. it works like a enter key. :confused: Thanks (2 Replies)
Discussion started by: vibhor_agarwali
2 Replies

2. AIX

SSH has this error: "server refused our key"

I did successful yestday as Porter's doc: 1. Create private/pub key on AIX: $ssh-keygen -t identity 2. Get my private key from the AIX server, found in $HOME/.ssh/identity Put that on Windows box. I use WinSCP to transfer private key from AIX to Windows 3. Run puttygen.exe and... (8 Replies)
Discussion started by: rainbow_bean
8 Replies

3. UNIX for Advanced & Expert Users

ssh key

Hi all, I have a sshkey which I use to connect from my unix box to a linux box without any issue...... however I downloaded this same key to my laptop and tried to connect to the same linux box but it failed..... As my laptop is running MS Vista I guessing I going have to convert it ...... (1 Reply)
Discussion started by: Zak
1 Replies

4. Programming

Is scan code of every key fixed in all keyboard

Hi everyone, Is scan code of every key fixed in all keyboard or different keyboard has different scan code for every key? Thank you in advance! (2 Replies)
Discussion started by: liuyan03
2 Replies

5. Shell Programming and Scripting

Generate Public Key when the server is not ssh enabled

I am writing a script that needs to access various servers some of which are not ssh enabled. In order to access the ssh enabled servers I am using the following command to generate the public key : ssh-keygen -t rsa Is there a similar command for the other servers as well. If I try to use... (1 Reply)
Discussion started by: ravneet123
1 Replies

6. Shell Programming and Scripting

Using ssh to add register key on ssh server

Hi, I want to use ssh to add a register key on remote ssh server. Since there are space characters in my register key string, it always failed. If there is no space characters in the string, it worked fine. The following is what I have tried. It seems that "ssh" command doesn't care about double... (9 Replies)
Discussion started by: leaftree
9 Replies

7. Solaris

Solaris 8 ssh public key authentication issue - Server refused our key

Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks. ... (1 Reply)
Discussion started by: aixlover
1 Replies

8. Shell Programming and Scripting

Need Help ssh key fail on remote server

Hello everyone, I need some help writing a bash script to: 1. ssh from a jumpserver to 50 remote servers logging in automatically using ssh keys and capture if zabbix is running by running a "ps -ef | grep zabbix" and output to a logfile capturing the server hostname and ps -ef output to... (2 Replies)
Discussion started by: vtowntechy
2 Replies

LEARN ABOUT NETBSD

ktutil

KTUTIL(8)						    BSD System Manager's Manual 						 KTUTIL(8)

NAME

     ktutil -- manage Kerberos keytabs

SYNOPSIS

     ktutil [-k keytab | --keytab=keytab] [-v | --verbose] [--version] [-h | --help] command [args]

DESCRIPTION

     ktutil is a program for managing keytabs.	Supported options:

     -v, --verbose
	     Verbose output.

     command can be one of the following:

     add [-p principal] [--principal=principal] [-V kvno] [--kvno=kvno] [-e enctype] [--enctype=enctype] [-w password] [--password=password] [-r]
		 [--random] [-s] [--no-salt] [-H] [--hex]
		 Adds a key to the keytab. Options that are not specified will be prompted for. This requires that you know the password or the
		 hex key of the principal to add; if what you really want is to add a new principal to the keytab, you should consider the get
		 command, which talks to the kadmin server.

     change [-r realm] [--realm=realm] [--a host] [--admin-server=host] [--s port] [--server-port=port]
		 Update one or several keys to new versions.  By default, use the admin server for the realm of a keytab entry.  Otherwise it will
		 use the values specified by the options.

		 If no principals are given, all the ones in the keytab are updated.

     copy keytab-src keytab-dest
		 Copies all the entries from keytab-src to keytab-dest.

     get [-p admin principal] [--principal=admin principal] [-e enctype] [--enctypes=enctype] [-r realm] [--realm=realm] [-a admin server]
		 [--admin-server=admin server] [-s server port] [--server-port=server port] principal ...
		 For each principal, generate a new key for it (creating it if it doesn't already exist), and put that key in the keytab.

		 If no realm is specified, the realm to operate on is taken from the first principal.

     list [--keys] [--timestamp]
		 List the keys stored in the keytab.

     remove [-p principal] [--principal=principal] [-V -kvno] [--kvno=kvno] [-e -enctype] [--enctype=enctype]
		 Removes the specified key or keys. Not specifying a kvno removes keys with any version number. Not specifying an enctype removes
		 keys of any type.

     rename from-principal to-principal
		 Renames all entries in the keytab that match the from-principal to to-principal.

     purge [--age=age]
		 Removes all old versions of a key for which there is a newer version that is at least age (default one week) old.

SEE ALSO

     kadmin(8)

BSD
								  April 14, 2005							       BSD
All times are GMT -4. The time now is 02:53 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy