Questions tagged [ssh-host-key]
The SSH host key is an identifier of a SSH / SFTP server.
57 questions
0votes
1answer
117views
How can I keep git ssh keys from developers in server
I'm trying to meet a requirement where devs can log in to a server, launch, and test code without having the ability to pull (or access any ssh keys)code from the repository. I don't want to grant ...
- 846
2votes
1answer
72views
sshd HostKey hardcoding implementation
We are performing regular reinstallations of our systems which keeps on changing the servers sshd private keys due to regeneration at the end of the OS installation. Due to this our automated systems ...
- 21
0votes
0answers
226views
Are there multiple ways to hash RSA key fingerprints from the same public key?
I am troubleshooting an SFTP upload script on a device in the field. The script worked previously, but now gets a different host key fingerprint when it tries to connect. There should have been no ...
- 101
1vote
3answers
989views
Is it possible to retrieve the public-key from an encrypted or passphrase-protected ssh private-key?
I have created an open-ssh keypair using ssh-keygen with the defaults, and encrypted the private key with a passphrase. I already know how to derive the public-key from the private-key using ssh-...
- 31
-2votes
2answers
8kviews
What can i do with the ssh host key i got from this nmap scan. (Hack the box) [duplicate]
I am on hack the box and I ran nmap -A IP_address and this is the output I received. I am wondering if I can do something with the ssh hostkey.
5votes
1answer
6kviews
What are the security implications of using GPG instead of SSH keys for authentication
I want to use a GPG key instead of an SSH key. Looking online I found several guides on how to do it. But these guides are about using GPG for convenience. I instead want to know the pros and cons ...
1vote
2answers
4kviews
ssh authentication: is it possible to have password OR keys?
I'm wanting to use hashbackup to backup one server (A) to another server (B). Hashbackup can send the backup to server B, if server A has server B's key (public?) for passwordless ssh. I haven't used ...
- 11
1vote
1answer
167views
ssh server encrypted key vs password login [duplicate]
In an openssh-server login to a GNU/Linux machine to use a private ssh key encrypted with an N-characters passphrase, then sshd_config: PasswordAuthentication no PubkeyAuthentication yes is it ...
- 121
1vote
1answer
560views
SSH to github.com only adds RSA keys - excludes ed25519 host keys
I am doing some tests around ssh. From what I have seen a server usually has multiple host keys. When a client tries to connect, it tries to negotiate which key types to use DSA, RSA, ECDSA, etc. But ...
0votes
2answers
435views
Is it possible somebody could have edited my known_hosts file to connect to malicious servers?
I noticed my known_hosts file has many (15) lines, and I'm not sure why. I didn't think I had connected to this many servers. (I think this is what the known_hosts file is for, based on my limited ...
0votes
0answers
184views
is MITM attack possible when we verify only the jump host's fingerprint (host key)?
I am connecting to remote hosts via jump host where I verify only the jump host's host key, but turn off host key verification for the target hosts. the ssh command arguments look like this: -o ...
- 101
6votes
1answer
2kviews
Is getting server host key with ssh-keyscan secure?
I am trying to establish SSH connection to a server through a program. As a pre-requisite to be able to do so, I am getting the publicly available server host key using ssh-keyscan <hostname> ...
- 163
3votes
1answer
2kviews
ssh -Q key not listing all key types?
I am having some problems with understanding which types of host keys my SSH daemon actually provides or supports (stock debian buster, sshd 7.9.p1). From the manual (man sshd_config): ...
- 599
1vote
1answer
431views
Security against local attack for remote FDE decryption?
Is there any remote FDE decryption that is resistant to an attacker that has local physical access? Tools like dracut-sshd need to store the private key used for the sshd server on the unencrypted ...
- 21
-1votes
2answers
2kviews
Why should we only keep the private key secret, why not the public key? [duplicate]
If I am not wrong, both private key and public key are the same since communication is possible only if both keys are matching. So, why we should only keep the private key secret, why not public key? ...
- 53
