Two ssh keys for common-lisp.net?
evenson at panix.com
Mon Mar 16 09:30:40 UTC 2015
I keep getting messages about SSH key mismatch for common-lisp.net. It seems that two SSH keys are being negotiated for my client where it isn’t clear which one is chosen:
220.127.116.11 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBJi/0OMu3anrn4jRBQ0KumZUaIWLKb59q4egMU2ljgvBk7Fgvl3tcwphJzETqB0Rap0n8naR/pj5SDNzenjLgQo=
18.104.22.168 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1/IAysdjPDZvOfpFESxhhokPmPrXi2n3dy3HfWDe0mQvkki0cJYPwhsKDe28uIneMUOMWUYCDI6FD6/phLrQQww2K88SXs3hskj4ZWjwNz0UTaYBoutRc9KxIPC6/heglREC2JMrnQBVDqPoKQalt3JfU6rFA93kpzF/gEvQ/toEOVZi55KpKDzdd/gjPsUCKOzNxCptFkkkOsigeOfNgSu9J/ptrqseu3T0zJtCnuIudvkgRUj0RMVNBJ/UvvWb3XSCAVMkMtF8Ml7pRy3+JV1RCbwbgZZDchQnwsunIFXhc/hWUyCfsX4nmZgx1qPeGYmUdo/Un5QNT6MKyFrm1
And indeed <file://common-lisp.net/etc/sshd_config> lists three keys:
I’m not familiar with this practice. What is the purpose of having multiple sshd keys? Shouldn’t we just pick the most secure kind of host key (probably ECDSA)?
"A screaming comes across the sky. It has happened before but there is nothing
to compare to it now."
More information about the clo-devel