Verifying an SSH key fingerprint (Linux)

VPN requirement beginning Wednesday, May 3, 2023

You will need to connect to the VPN if you are off-campus, using a minimally managed device, or using a personal device.

Messages

If you use SSH or SFTP to log in to university Linux computers, you may have seen one of the following messages. (Note: these are example messages)

  1. New SSH key

    The authenticity of host 'login.mtu.edu (141.219.70.85)' can't be established.
    ECDSA key fingerprint is
    SHA256:g1tQrJsPSV0HaDl0VaIF6zJhWp0JcoJlpR36o5/CjfA.
    ECDSA key fingerprint is
    MD5:d7:66:56:d4:3a:4f:86:7c:3b:d7:ba:8d:99:9d:dc:3e.
    Are you sure you want to continue connecting (yes/no)?

  2. Changed SSH key

    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!        @
    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
    Someone could be eavesdropping on you right now (man-in-the-middle
    attack)!
    It is also possible that a host key has just been changed.
    The fingerprint for the ECDSA key sent by the remote host is
    SHA256:g1tQrJsPSV0HaDl0VaIF6zJhWp0JcoJlpR36o5/CjfA.
    Please contact your system administrator.
    Add correct host key in /home/josh/.ssh/known_hosts to get rid of this
    message.
    Offending ECDSA key in /home/josh/.ssh/known_hosts:7
    ECDSA host key for login.mtu.edu has changed and you have requested
    strict checking.
    Host key verification failed.

An SSH key fingerprint is a way for you to verify that the computer you are connecting to is the one you expected, and not a compromised system trying to steal your credentials. We publish the correct key fingerprints here so you can visually check to make sure you're getting the correct fingerprint when you see a message like those above.

SSH key fingerprints for Michigan Tech login servers

colossus.it.mtu.edu

ECDSA key fingerprint is SHA256:nVSrk2B4t2C+Gjkzu/Yrqjpq5QQxOlQn9bBOjYZtbOc
ECDSA key fingerprint is
MD5:2f:00:8d:07:e6:b8:f8:2e:0e:01:19:1a:cc:28:38:61

RSA key fingerprint is SHA256:h9mQ3LGO9Ijk47O+fMSuBXzAyVE42hiNFv4tSKl5t78
RSA key fingerprint is MD5:93:c0:6c:69:8c:07:1d:e4:9d:e9:39:c9:cd:51:50:85

ED25519 key fingerprint is
SHA256:o67TRPLqDkekGNr2tuCVQ3Hrrlr61CZ5xt2gaOsGBdI
ED25519 key fingerprint is
MD5:f3:2b:28:0a:4e:bf:1e:f0:04:ae:68:80:43:1e:87:2a

guardian.it.mtu.edu / sftp.it.mtu.edu / login.mtu.edu

ECDSA key fingerprint is SHA256:ADo54F3nyLngER2gIT1+xTp0PY2UHfVF4ilDxxH1A5s
ECDSA key fingerprint is
MD5:67:c3:31:d3:82:74:18:47:4d:46:34:f3:4a:0f:b7:ff

RSA key fingerprint is SHA256:qazAITSAjyDpFvN/bvZPNMalgxdNqB6MUo6IQuZgkEY
RSA key fingerprint is MD5:1d:1a:cb:fe:bb:74:27:36:7d:da:2e:69:84:2f:08:16

ED25519 key fingerprint is
SHA256:jhWvYPPyLGYhEHJ6xT+2ix9CLsJiiR/rz8Wzx/IKl9A
ED25519 key fingerprint is
MD5:96:be:90:ca:97:6a:f6:aa:30:b9:2e:8d:22:6f:74:a1

Print Article