Help talk:SSH Fingerprints/login.toolforge.org

Rendered with Parsoid
From Wikitech

This page should protected. skalman (talk) 16:51, 30 August 2013 (UTC)Reply

It is now! :) jeremyb (talk) 23:21, 11 October 2013 (UTC)Reply
These two too (bastion, gerrit) Help:SSH Fingerprints. Emijrp (talk) 14:32, 5 February 2014 (UTC)Reply

Also, the tools-dev.wmflabs.org fingerprint is missing. Emijrp (talk) 16:42, 5 February 2014 (UTC)Reply

ECDSA vs. RSA

Latest comment: 9 years ago5 comments5 people in discussion

Note that on recent versions of the OpenSSH client, by default, you will get an ECDSA key whose fingerprint does not match the one listed here when connecting. In this case, run the client with the -oHostKeyAlgorithms='ssh-rsa' option to get the right key with the right fingerprint.--Anders Feder (talk) 22:22, 23 March 2015 (UTC)Reply

This confused me sometime ago. Yuvipanda could you add a note to the page? He7d3r (talk) 13:54, 25 March 2015 (UTC)Reply
+1. The ECDSA key fingerprint (which should be added to this page, Yuvipanda, or another admin) is 80:37:58:71:84:99:54:e7:17:dd:c4:be:54:48:41:57.
You can see that with
mormegil@tools-bastion-01:~$ ssh-keygen -l -f /etc/ssh/ssh_host_ecdsa_key.pub
256 80:37:58:71:84:99:54:e7:17:dd:c4:be:54:48:41:57  root@tools-bastion-01 (ECDSA)
--mormegil (talk) 14:33, 31 March 2015 (UTC)Reply

Indeed, all correct fingerprints should be listed.

$ ssh tools-login.eqiad.wmflabs
The authenticity of host 'tools-login.eqiad.wmflabs (<no hostip for proxy command>)' can't be established.
ECDSA key fingerprint is 41:db:d9:4f:03:7e:14:20:a6:5b:23:5f:bf:85:42:38.
$ ssh tools-login.wmflabs.org
The authenticity of host 'tools-login.wmflabs.org (208.80.155.130)' can't be established.
ECDSA key fingerprint is 80:37:58:71:84:99:54:e7:17:dd:c4:be:54:48:41:57.

--Nemo 11:08, 3 April 2015 (UTC)Reply

coren, Yuvipanda, Andrew Bogott is someone updating the fingerprint or informing users which to use? — billinghurst sDrewth 03:21, 16 April 2015 (UTC)Reply

Outdated

Latest comment: 9 years ago1 comment1 person in discussion

In addition to what above:

$ ssh -oHostKeyAlgorithms='ssh-rsa' tools-login.eqiad.wmflabs
The authenticity of host 'tools-login.eqiad.wmflabs (<no hostip for proxy command>)' can't be established.
RSA key fingerprint is 2b:b2:5d:48:43:f0:27:8a:c1:ab:06:6b:f9:3c:b6:57.

But that key is currently struck in the page. So, who's right? :[ --Nemo 11:09, 3 April 2015 (UTC)Reply

Retrieved from "https://wikitech.wikimedia.org/w/index.php?title=Help_talk:SSH_Fingerprints/login.toolforge.org&oldid=1872162"