You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The Lish guide was updated with new SSH host key fingerprints in #2310. The new ones are SHA-256 fingerprints of the RSA and ECDSA keys.
I have two issues with that, of differing importance:
The gateways support Ed25519, the newest and best SSH key format, which modern clients use by default, but fingerprints for the keys aren't provided.
$ ssh lish-fremont.linode.com
The authenticity of host 'lish-fremont.linode.com (2600:3c01::f03c:91ff:fec5:3a0b)' can't be established.
ED25519 key fingerprint is SHA256:OX3imiePFMl6d5N+IaYhGZQ07nuApcUgnd2YRbFNKH0.
Are you sure you want to continue connecting (yes/no)?
In the opposite direction, I would appreciate it if MD5 fingerprints were also listed. MD5 is old and bad, but not insecure for this purpose, and old and bad clients -- like Ubuntu 14.04, which goes EOL in April, but isn't EOL yet -- still require it.
You can generate them with modern OpenSSH with e.g.:
The Lish guide was updated with new SSH host key fingerprints in #2310. The new ones are SHA-256 fingerprints of the RSA and ECDSA keys.
I have two issues with that, of differing importance:
You can generate them with modern OpenSSH with e.g.:
Thank you. <3
The text was updated successfully, but these errors were encountered: