SSH Fingerprint Validation and Authentication
From: saifa (firstname.lastname@example.org)
Date: 16 Apr 2003 01:56:57 -0000 From: saifa <email@example.com>
Some questions regarding fingerprint validation and authentication ...
Let's say that a user connects to my machine for the first time using
SSH, and is presented with:
[user@host user]# ssh host.domain.org
The authenticity of host 'host.domain.org (hhh.xxx.yyy.zzz)' can't be established.
RSA key fingerprint is 5b:37:cf:68:84:57:6f:1c:27:0e:2a:ef:fd:52:10:49.
Are you sure you want to continue connecting (yes/no)?
I understand that the error received if a key has *changed* will alert
the user to a possible compromise, but how does this initial warning
help? If the user contacts me and asks "what is your SSH RSA
fingerprint?," how does this help the user determine that the machine
hasn't been compromised?
Using PGP I can publish my fingerprint on each email or newsgroup post
I make, and then when someone downloads my public key they can check
the fingerprint against those I have previously published and so
determine whether or not it has changed. Is there an equivalent
practice for SSH keys?
Is there a way to force the SSH server to use both public key *and*
password authentication? If so, is there a way (compile-time option?)
to ensure that when the private key is generated by the SSH client the
passphrase is not null?