HPE Community
Operating System - HP-UX
1834136 Members
2445 Online
110064 Solutions
New Discussion

First Login after install of SSH 3.71

 
SOLVED
Go to solution
Ryan B
Frequent Advisor

‎05-18-2004 07:25 AM

‎05-18-2004 07:25 AM

First Login after install of SSH 3.71

Hey Gang~

I just installed SSH for the first time and all went well. However, I have some questions in term of the config. From some other posts, it looks like I don't need to go through the key generation and can just use password authentication if I uncomment the entry in ssh_config. Can someone verify that this is true?

Also, I did "ssh -v -l username hostname" and it logged in, but before I said continue I got a message about "The authenticity of host 'bart (xxx.xxx.xxx.110)' can't be established". I just said continue anyway and also verified that nslookup works for the host in question. However, I am wondering why I got this is password authentication is valid, etc? The second time I did not get this after it added it to the valid host list...

Thanks for the help
0 Kudos
Reply
4 REPLIES 4
Sridhar Bhaskarla
Honored Contributor

‎05-18-2004 07:33 AM

‎05-18-2004 07:33 AM

Re: First Login after install of SSH 3.71

Hi Ryan,

When the system connects to the other system, first thing it will do is to check the authenticity of the remote host by comparing the hostkey (or fingerprint) it got from the remote system against the one that is present in it's .ssh/known_hosts file of that user. If an entry is missing for that host, then it will display the message you got. When you continue, it will add the hostkey of the remote host into the known_hosts file and will use it for later connections.

This way man-in-the-middle attacks can be prevented.

-Sri

You may be disappointed if you fail, but you are doomed if you don't try
0 Kudos
Reply
Ryan B
Frequent Advisor

‎05-18-2004 07:38 AM

‎05-18-2004 07:38 AM

Re: First Login after install of SSH 3.71

Sri~

Will this happen on first login regardless of the authentication method you choose to use?

Thanks,

Ryan
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

‎05-18-2004 07:42 AM

‎05-18-2004 07:42 AM

Solution

Re: First Login after install of SSH 3.71

Yes - This is for the first login for every user on the system to the remote system that has been installed with ssh.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
Reply
Andrew Cowan
Honored Contributor

‎05-19-2004 06:40 AM

‎05-19-2004 06:40 AM

Re: First Login after install of SSH 3.71

You can pre-distribute keys from server to server throught the "known_hosts". By doing this you can avoid the users ever seeing this message, and also set sshd in paranoid-mode. Then users cannot connect to any machines other than the ones you want them to.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.