Two ssh keys for common-lisp.net?
Mark Evenson
evenson at panix.com
Mon Mar 16 09:30:40 UTC 2015
I keep getting messages about SSH key mismatch for common-lisp.net. It seems that two SSH keys are being negotiated for my client where it isn’t clear which one is chosen:
148.251.248.130 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJi/0OMu3anrn4jRBQ0KumZUaIWLKb59q4egMU2ljgvBk7Fgvl3tcwphJzETqB0Rap0n8naR/pj5SDNzenjLgQo=
148.251.248.130 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1/IAysdjPDZvOfpFESxhhokPmPrXi2n3dy3HfWDe0mQvkki0cJYPwhsKDe28uIneMUOMWUYCDI6FD6/phLrQQww2K88SXs3hskj4ZWjwNz0UTaYBoutRc9KxIPC6/heglREC2JMrnQBVDqPoKQalt3JfU6rFA93kpzF/gEvQ/toEOVZi55KpKDzdd/gjPsUCKOzNxCptFkkkOsigeOfNgSu9J/ptrqseu3T0zJtCnuIudvkgRUj0RMVNBJ/UvvWb3XSCAVMkMtF8Ml7pRy3+JV1RCbwbgZZDchQnwsunIFXhc/hWUyCfsX4nmZgx1qPeGYmUdo/Un5QNT6MKyFrm1
And indeed <file://common-lisp.net/etc/sshd_config> lists three keys:
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
I’m not familiar with this practice. What is the purpose of having multiple sshd keys? Shouldn’t we just pick the most secure kind of host key (probably ECDSA)?
--
"A screaming comes across the sky. It has happened before but there is nothing
to compare to it now."
More information about the clo-devel
mailing list