SSH not verifying properly...
This is kind of a newbie question, but I don't consider myself to be a total know-nothing anymore - I had that phase for the last few months!
Anyhoo, I've been trying to get my SSH daemon (OpenSSH I think) to work. To begin with it was simply refusing connections, but now when telnetted to my isp's remote terminal, I get this: Code:
myusername@isphost myusername $ ssh my.host.name (If anybody thinks exposing my 'DSA key fingerprint' like this is a security hazrard, please let me know and I'll censor it, too) I know I could have typed 'yes' and connected, but I don't want to do that until I know it's going to be secure. What do people think? |
Hmm? I'm not sure I understand the nature of your dilema. The authentication can't be established if you've never connected to your isps remote terminal before as they don't have a copy of your digital fingerprint on their system (or maybe vice-versa). If you said yes to connect then disconnected, reconnect again and you shouldn't see the authentication error message again. At least that's the way mine works. As to the exposure of your digital fingerprint being insecure I can't comment.
|
a main feature of the ssh protocol is the DSA key fingerprint this one is random created and makes shure your connecting to you box your want to connect with.
if it is the 1st time you connect you dont have the fingerprint yet so you need to say 'Yes' to that question. |
Really?
So in that case, I can choose 'yes', and I'm still connecting securely, and the remote host will remember me, and remember that I'm trustable. Right? (In case of any inclarities, I was telnetting to my ISP's machine, then ssh'ing back to my own - I know this doesn't make sense for general use, but I wanted to see what my machine looked like from a remote computer.) |
Quote:
|
OK, cool. Thanks:)
Now I don't have to use telnet! Yay! |
All times are GMT -5. The time now is 05:45 AM. |