[X2Go-User] What is the hash algorithm / format used for the host key hash during connection instantiation?
Ulrich Sibiller
uli42 at gmx.de
Sun Nov 15 18:09:55 CET 2020
I never looked into how x2go handles ssh keys. However, x2go generates
individual keys during session startup. Maybe you are seeing one of
those?
On my system there are some keys in ~/.x2go/ssh
Uli
On Sun, Nov 15, 2020 at 5:57 PM Stefan Mätje <stefan.maetje at gmx.de> wrote:
>
> Hi,
>
> I'm using x2go to connect from a Linux Mint (19) machine to an Ubuntu server
> using a RSA key over SSH.
>
> During the connection instantiation x2go presents me the following question:
>
> Der Server ist unbekannt. Vertrauen Sie diesem Host-Key?
> Hash des öffentlichen Schlüssels: remote.server.com:22 - d7:2e:e0:ae:27:7a:e5:33:59:6d:00:12:75:22:0a:c6:9a:10:31:a9
>
> I. e. "The server is unkown. Do you trust this host key?" I now have problems to match the presented fingerprint
> hash to the host identity keys that are present on the server machine under /etc/ssh/ssh_host_*key*.
>
> When I later inspect the .ssh/known_hosts file on my Linux Mint machine (client side) I can match the public
> key there to the public host identity key on the server side that has the following fingerprints
> (displayed with 'ssh-keygen -l -E {md5|sha256} -f ssh_host_ecdsa_key'):
>
> ssh_host_ecdsa_key.pub:
> 256 SHA256:3vf9PbLKhlaFpff7SxpaDLyrfYJF8iJ+Px3bMzLNY2U root at internal.server.com (ECDSA)
> 256 MD5:7b:9a:76:4b:58:ce:87:bf:3f:56:41:a9:7c:f8:bf:e9 root at internal.server.com (ECDSA)
>
> Neither of these fingerprints can be matched to the fingerprint / hash that x2go presents to me. The MD5
> hash line is similar but shorter (only 16 hash bytes aka. 128 bits that matches a MD5 sum length). The
> x2go hash has 20 bytes (160 bits) hash length.
>
> The question is how can I reliably match the fingerprint x2go presents to me to the right host ID hash.
> Am I comparing / expecting the wrong keys?
>
> Can somebody please shed some light on this issue.
>
> Best regards,
> Stefan
>
> _______________________________________________
> x2go-user mailing list
> x2go-user at lists.x2go.org
> https://lists.x2go.org/listinfo/x2go-user
More information about the x2go-user
mailing list