SSH Host Key Protection
Brian Hatch

SSH Host Key Protection 2005-12-14
Anonymous
If it is decided to use an SSL-secured web page in an organization to verify SSH public keys, should both the fingerprints (ssh-keygen -l -f *.pub) and the contents of the three .pub files (cat /etc/ssh/*.pub) in the /etc/ssh/*.pub directory be included on the page? Or will most users just need to l...

SSH Host Key Protection 2006-06-08
Monica
This is a very useful article - thanks!...

SSH Host Key Protection 2006-06-14
Anonymous


I have an appliance which generates a new Host Key for each new SSH connection - is there any way to *prevent* OpenSSH from checking/saving the Host Key but still allowing me to connect?

(I know that PuTTY, for example, has an "ignore and connect anyway"-type option...)...

SSH Host Key Protection 2006-06-14
Anonymous (1 replies)


It's a horrible hack, but I've found that individual hosts can be prevented from saving Host Keys by adding "UserKnownHostsFile /dev/null" to their section of the .ssh/config file.

Messy, but (along with "StrictHostKeyChecking no") it works....

Re: SSH Host Key Protection 2008-09-02
Anonymous
If you don't want to have to answer "yes" to the "Are you sure" question, you might as well rather use "CheckHostIP no"....

SSH Host Key Protection 2007-08-31
Anonymous
Thank you. This is a needed and well done article regarding SSH....

SSH Host Key Protection 2007-12-30
Anonymous (1 replies)
This said 1st in a series; how do I get to the rest of the series?...

Re: SSH Host Key Protection 2008-01-11
Andrew Lloyd
Links to others:

[1] SSH Host Key Protection: http://www.securityfocus.com/infocus/1806

[2] SSH User Identities: http://www.securityfocus.com/infocus/1810

[3] SSH and ssh-agent: http://www.securityfocus.com/infocus/1812

[4] SSH Port Forwarding: http://www.securityfocus.com/infocus/1816...

SSH Host Key Protection 2008-06-13
Anonymous
Now someone please try to explain this to any web hosting company! (especially the ones that claim security)...

SSH Host Key Protection 2009-01-05
Anonymous (1 replies)
Excellent article. Would someone tell me how to get the hash of a key previously stored in the known_hosts file? In other words how do I translate:

ssh-server.example.com,12.18.429.21 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA0

6jFqviLMMJ/GaJNhGx/P6Z7+4aJIfUqcVjTGQasS1daDYejcfOAWK0juoD+zS3BsGKKYKP...

Re: SSH Host Key Protection 2009-11-13
Anonymous
In case anyone gets here looking for that answer...

ssh-keygen -l -f known_hosts...
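
What `ssh-keygen -l -f known_hosts` computes for each entry, as an added example that is not part of the original comments: the fingerprint is a hash of the base64-decoded key blob, shown here as MD5 colon-hex (the format OpenSSH printed when this thread was written) and as SHA256 (the default in current OpenSSH). The sample entry, its host name and address are constructed, and the function names are this example's own.

```python
import base64
import hashlib
import struct


def _ssh_string(data):
    """Encode bytes as an SSH wire-format string: 4-byte length, then data."""
    return struct.pack(">I", len(data)) + data


# Constructed sample entry (not a real host and not a usable RSA key).
_BLOB = _ssh_string(b"ssh-rsa") + _ssh_string(b"\x23") + _ssh_string(b"\x00" + bytes(range(128, 256)))
SAMPLE_LINE = "host.example.test,192.0.2.10 ssh-rsa " + base64.b64encode(_BLOB).decode()


def parse_known_hosts_line(line):
    """Return (hosts, key_type, key_blob), or None for blank and comment lines."""
    fields = line.split()
    if not fields or fields[0].startswith("#"):
        return None
    if fields[0].startswith("@"):  # @cert-authority or @revoked marker
        fields = fields[1:]
    if len(fields) < 3:
        raise ValueError("expected: hosts key-type base64-key")
    hosts, key_type, b64 = fields[:3]
    blob = base64.b64decode(b64, validate=True)  # truncated entries fail here
    # The decoded blob begins with a length-prefixed copy of the key type;
    # a mismatch means the entry is corrupt or was edited by hand.
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (name_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + name_len] != key_type.encode():
        raise ValueError("key type does not match key blob")
    return hosts.split(","), key_type, blob


def fingerprints(blob):
    """Return (MD5 colon-hex, SHA256 unpadded-base64) fingerprints of a key blob."""
    md5_hex = hashlib.md5(blob).hexdigest()
    md5_fp = ":".join(md5_hex[i:i + 2] for i in range(0, len(md5_hex), 2))
    sha_fp = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return md5_fp, "SHA256:" + sha_fp


if __name__ == "__main__":
    hosts, key_type, blob = parse_known_hosts_line(SAMPLE_LINE)
    for fp in fingerprints(blob):
        print(key_type, ",".join(hosts), fp)
```
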

SSH Host Key Protection 2009-02-03
Anonymous
Very good article!

I have a problem with 'no-passwd ssh'.

I have copied the id-dsa.pub from one server to the others and added it to authorized_keys.

Then I set the permissions on authorized keys to 0600.

It works on all the servers except one...?

Any clue?

Regards...

SSH Host Key Protection 2009-11-09
Dhaubaji
Very good article.

But can I claim myself to be a server (man-in-the-middle attack) by copying the server host key (suppose RSA host key) and putting it on a different machine?

Because if I try to connect to a server (say using PuTTY) it allows me to see the host key of the server I'm connecting to.

...

Copyright 2009, SecurityFocus