Le mardi 21 août 2012 à 10:51 -0300, Dr Beco a écrit : > can show me if that is the case. But I would have to have the original > SSH key to compare to, to see if it changed or not. The command I gave you should be used if you have a local access to the ssh server to get the fingerprint.
When you first connect to the ssh server from a brand new client, the client will give you a fingerprint. All you have to do is checking that these two matches. In your case, you were not sure of the nature of the attack: was it a MITM attack? a compromised server? a disk failure? So I suggested you could check the fingerprint (using your local access) and compare it to the one given in the WARNING_PEOPLE_ARE_DOING_NASTY_THINGS message (which is the original one, taken from the known_hosts file). The purpose is to check whether the change came from the server (in case of compromission or hardware faiure) or from somewhere in the middle (MITM). > Can I run the same command on a client (my notebook) to compare to the > result of it from the server? I did not changed my know_hosts on the > notebook. ssh-keygen -lf ~/.ssh/known_hosts should match (at least one of its lines) but if it does not, ssh would warn you in the scary way it already did. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1345558366.8298.70.ca...@p76-nom-gd.cnrs-imn.fr