Verifying an SSH key fingerprint (Linux)

Summary

For Linux users, an SSH key fingerprint is a way for you to verify that the computer you're connecting to is really the one you expect

Body

VPN requirement beginning Wednesday, May 3, 2023

You will need to connect to the VPN if you are off-campus, using a minimally managed device, or using a personal device.

Messages

If you use SSH or SFTP to log in to university Linux computers, you may have seen one of the following messages. (Note: these are example messages)

  1. New SSH key

    The authenticity of host 'login.mtu.edu (141.219.70.85)' can't be established.
    ECDSA key fingerprint is
    SHA256:g1tQrJsPSV0HaDl0VaIF6zJhWp0JcoJlpR36o5/CjfA.
    ECDSA key fingerprint is
    MD5:d7:66:56:d4:3a:4f:86:7c:3b:d7:ba:8d:99:9d:dc:3e.
    Are you sure you want to continue connecting (yes/no)?

  2. Changed SSH key

    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!        @
    @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
    Someone could be eavesdropping on you right now (man-in-the-middle
    attack)!
    It is also possible that a host key has just been changed.
    The fingerprint for the ECDSA key sent by the remote host is
    SHA256:g1tQrJsPSV0HaDl0VaIF6zJhWp0JcoJlpR36o5/CjfA.
    Please contact your system administrator.
    Add correct host key in /home/josh/.ssh/known_hosts to get rid of this
    message.
    Offending ECDSA key in /home/josh/.ssh/known_hosts:7
    ECDSA host key for login.mtu.edu has changed and you have requested
    strict checking.
    Host key verification failed.

An SSH key fingerprint is a way for you to verify that the computer you are connecting to is the one you expected, and not a compromised system trying to steal your credentials. We publish the correct key fingerprints here so you can visually check to make sure you're getting the correct fingerprint when you see a message like those above.

SSH key fingerprints for Michigan Tech login servers

colossus.it.mtu.edu

ECDSA key fingerprint is SHA256:nVSrk2B4t2C+Gjkzu/Yrqjpq5QQxOlQn9bBOjYZtbOc
ECDSA key fingerprint is
MD5:2f:00:8d:07:e6:b8:f8:2e:0e:01:19:1a:cc:28:38:61

RSA key fingerprint is SHA256:h9mQ3LGO9Ijk47O+fMSuBXzAyVE42hiNFv4tSKl5t78
RSA key fingerprint is MD5:93:c0:6c:69:8c:07:1d:e4:9d:e9:39:c9:cd:51:50:85

ED25519 key fingerprint is
SHA256:o67TRPLqDkekGNr2tuCVQ3Hrrlr61CZ5xt2gaOsGBdI
ED25519 key fingerprint is
MD5:f3:2b:28:0a:4e:bf:1e:f0:04:ae:68:80:43:1e:87:2a

guardian.it.mtu.edu / sftp.it.mtu.edu / login.mtu.edu

ECDSA key fingerprint is SHA256:ADo54F3nyLngER2gIT1+xTp0PY2UHfVF4ilDxxH1A5s
ECDSA key fingerprint is
MD5:67:c3:31:d3:82:74:18:47:4d:46:34:f3:4a:0f:b7:ff

RSA key fingerprint is SHA256:qazAITSAjyDpFvN/bvZPNMalgxdNqB6MUo6IQuZgkEY
RSA key fingerprint is MD5:1d:1a:cb:fe:bb:74:27:36:7d:da:2e:69:84:2f:08:16

ED25519 key fingerprint is
SHA256:jhWvYPPyLGYhEHJ6xT+2ix9CLsJiiR/rz8Wzx/IKl9A
ED25519 key fingerprint is
MD5:96:be:90:ca:97:6a:f6:aa:30:b9:2e:8d:22:6f:74:a1

Details

Details

Article ID: 52942
Created
Fri 4/27/18 3:32 PM
Modified
Wed 10/9/24 2:18 PM