[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] DANGER WILL ROBINSON!!! A tool for MIM/c*apfilt and poisoning listed on /.
- Subject: Re: [cobalt-security] DANGER WILL ROBINSON!!! A tool for MIM/c*apfilt and poisoning listed on /.
- From: Carrie Bartkowiak <ravencarrie@xxxxxxxx>
- Date: Fri, 10 Aug 2001 14:00:24 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Fri, 10 Aug 2001 11:45:46 +0100, Stuart Robinson mumbled something
like:
>>It's the fingerprint
*light goes off* Ahh, okay! Gotcha.
>>The idea is that when you set up your server (in a trusted
>>environment) you make a note of the key
>>fingerprint.
I am trying to find a way to get the key for a machine where the
package was used to install SSH. 'man ssh' gave me this:
"The client uses his private key, $HOME/.ssh/id_dsa or
$HOME/.ssh/id_rsa, to sign the session identifier and sends the
result to the server. The server checks whether the matching public
key is listed in $HOME/.ssh/authorized_keys2 and grants access if
both the key is found and the signature is correct."
I can't find anything like the files mentioned on the machine. In
/etc/ssh I did find these:
ssh_host_dsa_key
ssh_host_dsa_key.pub
ssh_host_key
ssh_host_key.pub
ssh_host_rsa_key
ssh_host_rsa_key.pub
But when looking at them with pico, they look nothing like what you
posted.
Is there a way that I'm overlooking that will allow me to grab the
key for this machine so that I can write it down and store it? I'm
using Putty, if that helps.
--
CarrieB
"I think we have more machinery of government than is necessary, too
many parasites living on the labor of the industrious." --Thomas
Jefferson