Discussion:
Should the ecdsa fingerprint always and only be offered?
Kevin Chadwick
2011-05-17 11:38:06 UTC
If the client has no known_hosts file and only an RSA key, only the
ecdsa fingerprint is given to be confirmed before connection. Should
administrators make sure the ecdsa fingerprint is always given out or
posted, even to already issued RSA key users, or should the RSA
fingerprint, or the fingerprint matching the key to be used, be shown in
the ssh dialog?

(4.9 Release)
Damien Miller
2011-05-17 11:14:59 UTC
Post by Kevin Chadwick
If the client has no known_hosts file and only an RSA key, only the
ecdsa fingerprint is given to be confirmed before connection. Should
administrators make sure the ecdsa fingerprint is always given out or
posted, even to already issued RSA key users, or should the RSA
fingerprint, or the fingerprint matching the key to be used, be shown in
the ssh dialog?
If you are using recent OpenSSH (5.7+) then ssh will automatically
prefer known host keys when connecting, so you should never be asked
to learn a new hostkey type unless the old ones are no longer offered.

If you prefer to use ECDSA keys, then you may like to copy them
manually from the server or use ssh-keyscan (and check the
fingerprints).

-d
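To make the behaviour Damien describes concrete, here is an added example (not code from this thread or from OpenSSH itself). It models the three pieces involved: how a 5.7+ client reorders its host-key algorithm preference from the types already present in known_hosts, which fingerprint the user is therefore asked to confirm (the RSA one when an RSA entry exists, the ECDSA one when known_hosts is empty), and how a fingerprint is derived from the key blob so the output of ssh-keyscan can be checked against a fingerprint published out of band. The host name example.org, both host keys (toy integers and bytes, not real keys), and the default algorithm list (OpenSSH 5.7's plain key types, certificate types omitted) are assumptions for the example; only plain, unhashed known_hosts entries are handled.

```python
"""Added example (not the thread's or OpenSSH's own code): a model of how an
OpenSSH 5.7+ client orders host-key algorithms from known_hosts, which
fingerprint it therefore prompts for, and how a fingerprint is derived so it
can be checked out of band. All keys here are constructed toy values."""
from __future__ import annotations

import base64
import hashlib
import struct

# SSH wire format (RFC 4251): length-prefixed "string" and big-endian "mpint".
def ssh_string(data: bytes) -> bytes:
    return struct.pack(">I", len(data)) + data

def ssh_mpint(n: int) -> bytes:
    if n == 0:
        return ssh_string(b"")
    # One extra byte when the high bit is set keeps the value positive.
    return ssh_string(n.to_bytes((n.bit_length() + 8) // 8, "big"))

def rsa_hostkey_blob(e: int, n: int) -> bytes:
    return ssh_string(b"ssh-rsa") + ssh_mpint(e) + ssh_mpint(n)

def ecdsa_p256_hostkey_blob(point: bytes) -> bytes:
    return ssh_string(b"ecdsa-sha2-nistp256") + ssh_string(b"nistp256") + ssh_string(point)

# Fingerprints are hashes over the whole public-key blob.
def md5_fingerprint(blob: bytes) -> str:
    """Colon-separated hex MD5, the format ssh of the 4.9/5.8 era prints."""
    return ":".join(f"{b:02x}" for b in hashlib.md5(blob).digest())

def sha256_fingerprint(blob: bytes) -> str:
    """'SHA256:' plus unpadded base64, the default display since OpenSSH 6.8."""
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")

# known_hosts handling, plain (unhashed) entries only.
def known_hosts_line(host: str, blob: bytes) -> str:
    keytype = blob[4:4 + struct.unpack(">I", blob[:4])[0]].decode()
    return f"{host} {keytype} {base64.b64encode(blob).decode()}"

def known_keys(known_hosts: str, host: str) -> dict[str, bytes]:
    """Key type -> blob for every entry whose host list contains `host`."""
    keys = {}
    for line in known_hosts.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].startswith("#"):
            continue
        if host in fields[0].split(","):
            keys[fields[1]] = base64.b64decode(fields[2])
    return keys

# Plain key types in the default order OpenSSH 5.7 lists them (certificate
# types omitted): with nothing known, ECDSA is tried before RSA.
DEFAULT_HOSTKEY_ALGS = ["ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384",
                        "ecdsa-sha2-nistp521", "ssh-rsa", "ssh-dss"]

def order_hostkey_algs(known_types, default=DEFAULT_HOSTKEY_ALGS) -> list[str]:
    """The 5.7+ behaviour Damien describes: types we already hold a key for go first."""
    return ([a for a in default if a in known_types]
            + [a for a in default if a not in known_types])

def negotiate_hostkey_alg(client_prefs, server_offers) -> str:
    """RFC 4253 section 7.1: first client-preferred algorithm the server also offers."""
    for alg in client_prefs:
        if alg in server_offers:
            return alg
    raise ValueError("no common host key algorithm")

def connect_decision(known_hosts: str, host: str, server_keys: dict[str, bytes]):
    """Return (negotiated key type, fingerprint ssh would show, status)."""
    known = known_keys(known_hosts, host)
    alg = negotiate_hostkey_alg(order_hostkey_algs(known), server_keys)
    blob = server_keys[alg]
    if alg not in known:
        status = "new"      # ssh prompts with this fingerprint; verify it out of band
    elif known[alg] == blob:
        status = "known"    # silent match, no prompt
    else:
        status = "CHANGED"  # the "REMOTE HOST IDENTIFICATION HAS CHANGED" warning
    return alg, md5_fingerprint(blob), status

# Constructed sample server offering both an RSA and an ECDSA host key.
HOST = "example.org"
SERVER_RSA = rsa_hostkey_blob(65537, 0xC0FFEE_DEAD_BEEF_0BAD_CAFE_FACE_FEED_1234_5678)
SERVER_ECDSA = ecdsa_p256_hostkey_blob(b"\x04" + bytes(range(64)))
SERVER_KEYS = {"ssh-rsa": SERVER_RSA, "ecdsa-sha2-nistp256": SERVER_ECDSA}

def scenario_known_rsa():
    """RSA key already in known_hosts: ssh-rsa is negotiated and ECDSA never comes up."""
    return connect_decision(known_hosts_line(HOST, SERVER_RSA), HOST, SERVER_KEYS)

def scenario_empty_known_hosts():
    """Nothing known: the default order selects ECDSA, so that fingerprint is prompted for."""
    return connect_decision("", HOST, SERVER_KEYS)

def fingerprint_matches(blob: bytes, published: str) -> bool:
    """The manual check: does the key ssh-keyscan fetched match the published fingerprint?"""
    return published in (md5_fingerprint(blob), sha256_fingerprint(blob))
```

scenario_known_rsa() returns ("ssh-rsa", <md5 of the RSA blob>, "known"), which is why a client with an RSA entry is never shown the ECDSA key; scenario_empty_known_hosts() returns the ECDSA type with status "new", which is the prompt Kevin saw. Against a real host the blob would come from the line ssh-keyscan -t ecdsa <host> prints (ssh-keygen -lf on that line gives the same fingerprint), and the real client additionally handles hashed entries (HashKnownHosts), [host]:port forms and a user-set HostKeyAlgorithms, none of which this model covers.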
Kevin Chadwick
2011-05-17 12:57:18 UTC
On Tue, 17 May 2011 21:14:59 +1000 (EST)
Post by Damien Miller
If you are using recent OpenSSH (5.7+) then ssh will automatically
prefer known host keys when connecting, so you should never be asked
to learn a new hostkey type unless the old ones are no longer offered.
If you prefer to use ECDSA keys, then you may like to copy them
manually from the server or use ssh-keyscan (and check the
fingerprints).
Fair enough, but if you only have an id_rsa in .ssh but know the
RSA fingerprint, then only an ecdsa fingerprint is offered by the server.

If you have the ecdsa fingerprint and verify it manually but use an RSA
key, I'm pretty sure you're not open to MITM?

(4.9 Release both sides)