Long time ago one of my U.S system admin was very security conscious. He asked me to create id_rsa.pub key in server. I created the key with
ssh-keygen -t rsa command. And send it him through encrypted email. Next day he wrote me ,what is the ssh key fingerprint ?
First let’s have some introduction.
What is ssh public key fingerprint ?
Answer : In public-key cryptography, a public key fingerprint is a short sequence of bytes used to authenticate or look up a longer public key. Fingerprints are created by applying a cryptographic hash function to a public key. Since fingerprints are shorter than the keys they refer to, they can be used to simplify certain key management tasks.
It is very simple to find out the SSH public key fingerprint.
Command To Get Public Key Finger Print
Given below both file will show you same result.
ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub or ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub
Here is the Output of above command.
When you create a ssh key with the help of command “ssh-keygen -t rsa” or “ssh-keygen -t dsa” it has different fingerprint value . When you try to login with ssh key from other system it will ask you to accept the fingerprint value to add in known_hosts file ,the value exactly matches with ~/.ssh/id_rsa or ~/.ssh/id_rsa.pub file in your server.
To check fingerprint of ssh key
Use the given below command.
ssh-keygen -lf ~/.ssh/id_rsa or ssh-keygen -lf ~/.ssh/id_rsa.pub
This is the another good example of learning about fingerprint, the topic is “WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED“. You might have seen this Warning Message when you do the SSH to Linux/Unix Machine. You will be able to relate both the posts. Happy SHSing.