![]() However, if the SSH client still prompts us, we may need to use a different host public key. Once we’ve hashed the hostnames, we should be able to connect to the SSH host without interruption. H – hash a known_hosts file, which consequently will replace all hostnames and addresses with hashed representations.Let’s review the parameters that we have to use for ssh-keygen: |1|tF6s1ZUMS0dGxbag7b91a4MWisY=|tZw73FGyIJyNL80IP95b1CJYgiI= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOWSOyEv30pi0M/jB6m/2HLG+gIqaT1WN6GXJPbIaYyz/EFBRP57C+xM08R0/GJKvszINJUylFm1LYT+TOoPlvU= WARNING: /home/baeldung/.ssh/known_hosts.old contains unhashed entriesĭelete this file to ensure privacy of hostnames Original contents retained as /home/baeldung/.ssh/known_hosts.old |1|x/FU+XU7O/fk/ifF4cFTKYHO62U=|vopK8lRpcCYqdUY4a+ZFfNc5B4U= ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPsQNaXMM12Zk2CeKzO2rhc2wCY+NbAzWHE8I8P37Si4Biiu4Ye0kNIc88WEw707PjIpVEXzks0WtrQLb1LMDP0=Ģ02.157.184.104 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDvwlIAnK9+WSW7dEC4axK5VoAOC9Yt5FqRYLq8hTd33k08AkbzuNCrJoYfdksqqlp9qjiMlcDkhO/IccnFU1fe7tEzTMR/1AAuR+AvZoa6tVEUxDC3spZEWmH3AVGi4fQGY2jReCOxt6Ie07QSoyMpwDYfYidjryAn6pfFoUX8B5EyHzYrQU6kyGOeQTqXx+L1lg8/uH6RmiS5DlH3JPq4cJqKxGTW7zGBf8dDnZfZd/eiXReLoNK8HnPotIhNxxn4rPCRKzEyyFb9tOsc5hXqo6Ff3d+ajmMImZi+izpf8y84WSbeNkDjVlo0ONzyY3azi0Owlq6ac5toLnP6YJf1 The ssh-copy-id command is a simple tool that allows you to install an SSH key on a remote servers authorized keys. If the value of the HashKnownHosts config parameter in /etc/ssh/ssh_config is yes, we need to hash all hostnames in the known_hosts file, which we can easily do by using ssh-keygen: ![]() We can add this line to the known_hosts file: ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAkRM6RxDdi3uAGogR3nsQMpmt43X4WnwgMzs8VkwUCqikewxqk4U7EyUSOUeT3CoUNOtywrkNbH83e6/yQgzc3M8i/eDzYtXaNGcKyLf圓Ci6XOwiLLOx1z2AGvvTXln1RXtve+Tn1RTr1BhXVh2cUYbiuVtTWqbEgErT20n4GWD4wv7FhkDbLXNi8DX07F9v7+jH67i0kyGm+E3rE+SaCMRo3zXE6VO+ijcm9HdVxfltQwOYLfuPXM2t5aUSfa96KJcA0I4RCMzA/8Dl9hXGfbWdbD2hK1ZQ1pLvvpNPPyKKjPZcMpOznprbg+jIlsZMWIHt7mq2OJXSdruhRrGzZw=Īfter adding the line, we should be able to SSH to without interruption. Let’s use the public key with ssh-rsa key type. ![]() ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOdXzF+Jx/wvEBun5fxi8FQK30miLZFND0rxkYwNcYlE ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLZcZopPvkxYERubWeSrWOSHpxJdR14WFVES/Q3hFguTn6L+0EANqYcbRXhGBUV6SjR7SaxZACXSxOzgCtG4kwc= ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAkRM6RxDdi3uAGogR3nsQMpmt43X4WnwgMzs8VkwUCqikewxqk4U7EyUSOUeT3CoUNOtywrkNbH83e6/yQgzc3M8i/eDzYtXaNGcKyLf圓Ci6XOwiLLOx1z2AGvvTXln1RXtve+Tn1RTr1BhXVh2cUYbiuVtTWqbEgErT20n4GWD4wv7FhkDbLXNi8DX07F9v7+jH67i0kyGm+E3rE+SaCMRo3zXE6VO+ijcm9HdVxfltQwOYLfuPXM2t5aUSfa96KJcA0I4RCMzA/8Dl9hXGfbWdbD2hK1ZQ1pLvvpNPPyKKjPZcMpOznprbg+jIlsZMWIHt7mq2OJXSdruhRrGzZw= We can scan the host’s public key using ssh-keyscan: $ ssh-keyscan To add a public key to our known_hosts file, we need to find it from the server. Are you sure you want to continue connecting (yes/no) yes Failed to add the host to the list of known hosts (/Users/sasha/.ssh/knownhosts).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |