Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SSH key code versus server key code
Special Forums Cybersecurity SSH key code versus server key code Post 302071119 by x96riley3 on Wednesday 12th of April 2006 11:57:26 AM
Old 04-12-2006
I think most people are not following what you need.

When you log into the remote server you are accepting the servers host key. This is done the first time you go there. The next time you go there, ssh will check to make sure the host key you accepted the first time is still the same host key. If it's not you will get a man-in-the-middle error. This says, "Hey, your host key doesn't match what I have for a host key. Either I somehow have a new host key or someone is trying to become the target server." If you trust the server, you accept the new host key which is stored locally for you. Once this has taken place you should be prompted to enter your passphrase.

Host keys are used to identify servers. Why? Cause someone could be performing a DOS attack against the real server. There could be IP spoofing of some sort going on. This helps prevent that.

Hope this helps.

-X
 

8 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Pressing backspace key simulates enter key

Hi, Whenever i press the backspace key, a new line appears, i.e. it works like a enter key. :confused: Thanks (2 Replies)
Discussion started by: vibhor_agarwali
2 Replies

2. AIX

SSH has this error: "server refused our key"

I did successful yestday as Porter's doc: 1. Create private/pub key on AIX: $ssh-keygen -t identity 2. Get my private key from the AIX server, found in $HOME/.ssh/identity Put that on Windows box. I use WinSCP to transfer private key from AIX to Windows 3. Run puttygen.exe and... (8 Replies)
Discussion started by: rainbow_bean
8 Replies

3. UNIX for Advanced & Expert Users

ssh key

Hi all, I have a sshkey which I use to connect from my unix box to a linux box without any issue...... however I downloaded this same key to my laptop and tried to connect to the same linux box but it failed..... As my laptop is running MS Vista I guessing I going have to convert it ...... (1 Reply)
Discussion started by: Zak
1 Replies

4. Programming

Is scan code of every key fixed in all keyboard

Hi everyone, Is scan code of every key fixed in all keyboard or different keyboard has different scan code for every key? Thank you in advance! (2 Replies)
Discussion started by: liuyan03
2 Replies

5. Shell Programming and Scripting

Generate Public Key when the server is not ssh enabled

I am writing a script that needs to access various servers some of which are not ssh enabled. In order to access the ssh enabled servers I am using the following command to generate the public key : ssh-keygen -t rsa Is there a similar command for the other servers as well. If I try to use... (1 Reply)
Discussion started by: ravneet123
1 Replies

6. Shell Programming and Scripting

Using ssh to add register key on ssh server

Hi, I want to use ssh to add a register key on remote ssh server. Since there are space characters in my register key string, it always failed. If there is no space characters in the string, it worked fine. The following is what I have tried. It seems that "ssh" command doesn't care about double... (9 Replies)
Discussion started by: leaftree
9 Replies

7. Solaris

Solaris 8 ssh public key authentication issue - Server refused our key

Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks. ... (1 Reply)
Discussion started by: aixlover
1 Replies

8. Shell Programming and Scripting

Need Help ssh key fail on remote server

Hello everyone, I need some help writing a bash script to: 1. ssh from a jumpserver to 50 remote servers logging in automatically using ssh keys and capture if zabbix is running by running a "ps -ef | grep zabbix" and output to a logfile capturing the server hostname and ps -ef output to... (2 Replies)
Discussion started by: vtowntechy
2 Replies

LEARN ABOUT DEBIAN

openpgp2ssh

OPENPGP2SSH(1)						    BSD General Commands Manual 					    OPENPGP2SSH(1)

NAME

     openpgp2ssh -- translate OpenPGP keys to SSH keys

SYNOPSIS

     openpgp2ssh < mykey.gpg

     gpg --export $KEYID | openpgp2ssh $KEYID

     gpg --export-secret-key $KEYID | openpgp2ssh $KEYID

DESCRIPTION

     openpgp2ssh takes an OpenPGP-formatted primary key and associated subkeys on standard input, and spits out the requested equivalent SSH-style
     key on standard output.

     If the data on standard input contains no subkeys, you can invoke openpgp2ssh without arguments.  If the data on standard input contains mul-
     tiple keys (e.g. a primary key and associated subkeys), you must specify a specific OpenPGP key identifier as the first argument to indicate
     which key to export.  The key ID is normally the 40 hex digit OpenPGP fingerprint of the key or subkey desired, but openpgp2ssh will accept
     as few as the last 8 digits of the fingerprint as a key ID.

     If the input contains an OpenPGP RSA public key, it will be converted to the OpenSSH-style single-line keystring, prefixed with the key type
     (`ssh-rsa').  This format is suitable (with minor alterations) for insertion into known_hosts files and authorized_keys files.

     If the input contains an OpenPGP RSA secret key, it will be converted to the equivalent PEM-encoded private key.

     openpgp2ssh is part of the monkeysphere(7) framework for providing a PKI for SSH.

CAVEATS

     The keys produced by this process are stripped of all identifying information, including certifications, self-signatures, etc.  This is
     intentional, since ssh attaches no inherent significance to these features.

     openpgp2ssh will produce output for any requested RSA key.  This means, among other things, that it will happily export revoked keys, unveri-
     fiable keys, expired keys, etc.  Make sure you do your own key validation before using this tool!

EXAMPLES

     gpg --export-secret-key $KEYID | openpgp2ssh $KEYID | ssh-add -c /dev/stdin

     This pushes the secret key into the active ssh-agent(1).  Tools such as ssh(1) which know how to talk to the ssh-agent(1) can now rely on the
     key.

AUTHOR

     openpgp2ssh and this man page were written by Daniel Kahn Gillmor <dkg@fifthhorseman.net>.

BUGS

     openpgp2ssh only works with RSA keys.  DSA keys are the only other key type available in both OpenPGP and SSH, but they are currently unsup-
     ported by this utility.

     openpgp2ssh only accepts raw OpenPGP packets on standard input.  It does not accept ASCII-armored input.  openpgp2ssh Currently only exports
     into formats used by the OpenSSH.	It should support other key output formats, such as those used by lsh(1) and putty(1).

     Secret key output is currently not passphrase-protected.

     openpgp2ssh currently cannot handle passphrase-protected secret keys on input.

SEE ALSO

     pem2openpgp(1), monkeysphere(1), monkeysphere(7), ssh(1), monkeysphere-authentication(8), monkeysphere-host(8)

BSD
								  March 1,, 2009							       BSD
All times are GMT -4. The time now is 05:42 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy