[X2Go-User] What is the hash algorithm / format used for the host key hash during connection instantiation?
Stefan Mätje
stefan.maetje at gmx.de
Sun Nov 15 17:57:36 CET 2020
Hi,
I'm using x2go to connect from a Linux Mint (19) machine to an Ubuntu server
using a RSA key over SSH.
During the connection instantiation x2go presents me the following question:
Der Server ist unbekannt. Vertrauen Sie diesem Host-Key?
Hash des öffentlichen Schlüssels: remote.server.com:22 - d7:2e:e0:ae:27:7a:e5:33:59:6d:00:12:75:22:0a:c6:9a:10:31:a9
I. e. "The server is unkown. Do you trust this host key?" I now have problems to match the presented fingerprint
hash to the host identity keys that are present on the server machine under /etc/ssh/ssh_host_*key*.
When I later inspect the .ssh/known_hosts file on my Linux Mint machine (client side) I can match the public
key there to the public host identity key on the server side that has the following fingerprints
(displayed with 'ssh-keygen -l -E {md5|sha256} -f ssh_host_ecdsa_key'):
ssh_host_ecdsa_key.pub:
256 SHA256:3vf9PbLKhlaFpff7SxpaDLyrfYJF8iJ+Px3bMzLNY2U root at internal.server.com (ECDSA)
256 MD5:7b:9a:76:4b:58:ce:87:bf:3f:56:41:a9:7c:f8:bf:e9 root at internal.server.com (ECDSA)
Neither of these fingerprints can be matched to the fingerprint / hash that x2go presents to me. The MD5
hash line is similar but shorter (only 16 hash bytes aka. 128 bits that matches a MD5 sum length). The
x2go hash has 20 bytes (160 bits) hash length.
The question is how can I reliably match the fingerprint x2go presents to me to the right host ID hash.
Am I comparing / expecting the wrong keys?
Can somebody please shed some light on this issue.
Best regards,
Stefan
More information about the x2go-user
mailing list