A long time ago, one of my U.S. system admins was very security conscious. He asked me to create an id_rsa.pub key on the server. I created the key with the ssh-keygen -t rsa command and sent it to him through encrypted email. The next day he wrote to me: what is the ssh key fingerprint?
First, let’s have a short introduction.
What is an SSH public key fingerprint?
Answer: In public-key cryptography, a public key fingerprint is a short sequence of bytes used to authenticate or look up a longer public key. Fingerprints are created by applying a cryptographic hash function to a public key. Since fingerprints are shorter than the keys they refer to, they can be used to simplify certain key management tasks.
It is very simple to find out the SSH public key fingerprint.
Command To Get Public Key Fingerprint
Both of the files given below will show you the same result.
ssh-keygen -lf /etc/ssh/ssh_host_rsa_key or ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub
Here is the output of the above command.
When you create an SSH key with the command “ssh-keygen -t rsa” or “ssh-keygen -t dsa”, each key has a different fingerprint value. When you try to log in with an SSH key from another system, it will ask you to accept the fingerprint value to add to the known_hosts file; the value exactly matches that of the ~/.ssh/id_rsa or ~/.ssh/id_rsa.pub file on your server.
To check the fingerprint of an SSH key
Use the command given below.
ssh-keygen -lf ~/.ssh/id_rsa or ssh-keygen -lf ~/.ssh/id_rsa.pub
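What ssh-keygen -lf computes from a public key line, written out as an added example (not code from the original post): the base64 key data is decoded, hashed, and shown as SHA256 in unpadded base64 or, in the older display, as MD5 in colon-separated hex. The function names and the sample key are constructed for illustration; the sample is not a usable key.

```python
import base64
import binascii
import hashlib
import hmac
import struct

def key_blob(pub_line):
    """Decode the key data from a '<type> <base64> [comment]' line."""
    parts = pub_line.split()
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    try:
        blob = base64.b64decode(parts[1], validate=True)
    except binascii.Error as exc:
        raise ValueError("key data is not valid base64") from exc
    # The blob begins with a length-prefixed copy of the key type; a
    # mismatch means the line was altered or is not an OpenSSH public key.
    if len(blob) < 4:
        raise ValueError("key data too short")
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != parts[0].encode():
        raise ValueError("key type does not match key data")
    return blob

def fingerprint(pub_line, algo="sha256"):
    """Hash the decoded blob and format it the way OpenSSH displays it."""
    blob = key_blob(pub_line)
    if algo == "sha256":  # current default display: unpadded base64
        digest = hashlib.sha256(blob).digest()
        return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
    if algo == "md5":  # legacy display: colon-separated hex
        hexd = hashlib.md5(blob, usedforsecurity=False).hexdigest()
        return "MD5:" + ":".join(hexd[i:i + 2] for i in range(0, 32, 2))
    raise ValueError("unsupported hash: " + algo)

def matches(pub_line, expected):
    """True if the key hashes to a fingerprint obtained out of band."""
    algo = "md5" if expected.startswith("MD5:") else "sha256"
    return hmac.compare_digest(fingerprint(pub_line, algo).encode(),
                               expected.encode())

def field(data):
    """Length-prefix one field the way the SSH wire format does."""
    return struct.pack(">I", len(data)) + data

# Constructed sample in ssh-rsa wire layout (type, e, n); not a usable key.
SAMPLE_BLOB = field(b"ssh-rsa") + field(b"\x01\x00\x01") + field(b"\x00" + b"\xc3" * 64)
SAMPLE_LINE = "ssh-rsa " + base64.b64encode(SAMPLE_BLOB).decode() + " demo@example"

if __name__ == "__main__":
    print(fingerprint(SAMPLE_LINE))
    print(fingerprint(SAMPLE_LINE, "md5"))
```

Pass matches() the fingerprint the key owner sent over a separate channel; the comment field at the end of the line is not part of the hash, so editing it does not change the result.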
Another good example for learning about fingerprints is the topic “WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED”. You might have seen this warning message when you SSH to a Linux/Unix machine. You will be able to relate both posts. Happy SSHing.