Verifying SSH Keys on LINCOMM

It is important to verify the authenticity of the cryptographic keys used to secure your login information to LINCOMM.

When connecting for the first time to a LINCOMM server, or if you receive a "hijacked" error in your SSH client, it is important to verify the authenticity of the SSH key being used to secure your connection.  

Connecting to a LINCOMM server for the first time

Each SSH client will display information a little differently, especially since some will use different key exchanges.   Below are shown some common clients, but the best practice is to use the information given by the client in order to lookup the SSH Key Fingerprints below to be sure they match.

IF YOUR SSH KEY FINGERPRINTS DO NOT MATCH WHAT IS BELOW, CANCEL YOUR CONNECTION IMMEDIATELY AND CONTACT ERIC DIECKMAN

SecureCRT

Click View Host Key and verify below.

securecrt-viewhostkey-marked.png

Mac Terminal or other Linux clients

mac-fingerprint-marked.png

Putty

putty-fingerprint-marked.png

Connecting to a LINCOMM server and receiving a "hijacked" message

This can indicate a serious security issue, including something known as a man-in-the-middle attack.   It is VERY important to match the fingerprints shown by your SSH client with the SSH Key Fingerprints below. Different SSH clients can show different fingerprints. Some common examples are shown below, but it is best practice to use the information given by the SSH client to match the SSH Key Fingerprints.

IF YOUR SSH KEY FINGERPRINTS DO NOT MATCH WHAT IS BELOW, CANCEL YOUR CONNECTION IMMEDIATELY AND CONTACT ERIC DIECKMAN


SecureCRT

Click View Host Key and verify below.  Click Accept & Save ONLY IF FINGERPRINTS MATCH.


securecrt-viewhostkey-marked.png

Mac Terminal or other Linux clients

Verify the SSH key fingerprints below. ONLY IF THEY MATCH, run the following command:
ssh-keygen -R lincomm<#>.aae.wisc.edu

mac-keygen.png

Putty

Verify the SSH key fingerprints below. ONLY IF THEY MATCH, click Yes

putty-security.png

LINCOMM SSH Key and Fingerprints

Public Key

---- BEGIN SSH2 PUBLIC KEY ----
AAAAB3NzaC1yc2EAAAADAQABAAABAQDKskFpIU4iXf3PvEj3DYi5VpThvToO4wpg
avy+IRyZhl5k/oBvEEUwma7SQmJggYgpVQOfSUHo5m6YeAXrKO43i/nqcMBCnPFG
NdbNyo6WnSUDwYzYs8m7V8v2TwnSECeU8FfyZFF/g+Gz7PUOYWvFN1qiuHBoozKL
XpmUSzt/PdENmo4tkSMl6Fbm5/pKNnROz3/9a+cz4lKkHgUcNcF7alz+TH6FZv0s
FmxpKW1Oy2PmD0KFnv1GFPrM+70esoE3JqHO1jiIrVY+3IDiWY5xtUXVhS7cM1p8
3nJlpZNTiXSljQBshhOKV2Pdv2QgitLevZRczsz/hMjz/kKg2jpb
---- END SSH2 PUBLIC KEY ----

ECDSA Fingerprints

  • MD5:be:8b:19:8d:6a:86:5d:6a:f1:09:f1:59:6f:aa:c9:be
  • SHA256:sV68SePE/EVKzFARTP/92XlqLfxMVDouXbIx1vzwWx0

ED25519 Fingerprints

  • MD5:69:bd:3c:20:66:57:86:ea:a9:52:db:58:b2:ea:1d:1b
  • SHA256:/hBmzZDTe4uxkikM5x67GyiWgA98JwM6qh5ioWzKZFk

RSA Fingerprints

  • MD5:ce:c1:f8:2c:8b:7f:dd:5e:42:fb:de:40:74:41:63:5c
  • SHA256:XWkk2WwhuRJcRQYHGFJ2SxPDBMQaMwFjdnCk460U06U





Keywords:
ssh keys lincomm ed25519 md5 rsa ecdsa 
Doc ID:
111805
Owned by:
Eric D. in Agricultural & Applied Economics
Created:
2021-06-19
Updated:
2021-06-19
Sites:
Agricultural & Applied Economics