How to verify SHA256 ssh fingerprint

When you see something like this when you try to login to your server you probably want to be sure there is no Man in the middle attach.

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:7KMZvJiI5AeC5As2GSZES5baxTZ+HbOyqjNPVy1NIe4.
Please contact your system administrator.
Add correct host key in /home/user/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in /home/user/.ssh/known_hosts:20
  remove with:
  ssh-keygen -f "/home/user/.ssh/known_hosts" -R [example.org]:2548
RSA host key for [example.org]:2548 has changed and you have requested strict checking.
Host key verification failed.
The authenticity of host 'example.org (192.0.0.42)' can't be established.
RSA key fingerprint is SHA256:7KMZvJiI5AeC5As2GSZES5baxTZ+HbOyqjNPVy1NIe4.
Are you sure you want to continue connecting (yes/no)?

Here is how you can get the SHA256 fingerprint of the key on your server:

$ awk '{print $2}' /etc/ssh/ssh_host_rsa_key.pub | base64 -d | sha256sum -b | awk '{print $1}' | xxd -r -p | base64
7KMZvJiI5AeC5As2GSZES5baxTZ+HbOyqjNPVy1NIe4=
$

In this example the string "7KMZvJiI5AeC5As2GSZES5baxTZ+HbOyqjNPVy1NIe4" is the same.

Comments

TedJonesWeb.blogspot.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com

Popular posts from this blog

Brexit will make Bitcoin more popular

This is why "Credible friends app" is bad - don't use it

"I'm earning 15k and my friends earn 80k", "I feel like I want to end my life."

When you print important crypto stuff (private keys) make sure you use a proper font and don't leave traces on your printer's hard drive and your computer's hard drive

"The Uncensored Hidden Wiki" fake replica!