Host keys for Euler login nodes

From ScientificComputing
Revision as of 11:48, 29 May 2020 by Sfux (talk | contribs) (Currently valid keys)

Jump to: navigation, search

Introduction

When we replace the login nodes, the host keys will change, therefore upon next login you will receive a message

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:qdZ/jPc7HODpO2BmCtJxO51jFZVt1t6fjjbtiUAZemI.
Please contact your system administrator.
Add correct host key in /path/to/your/home/.ssh/known_hosts to get rid
of this message.
Offending RSA key in /path/to/your/home/.ssh/known_hosts:252
RSA host key for euler.ethz.ch has changed and you have requested strict
checking.
Host key verification failed.

Currently valid keys

The MD5 and SHA256 fingerprints of the login nodes' ED25519 and RSA keys are:

  • ED25519 : MD5:2f:c3:be:36:60:86:28:34:d8:4e:cb:27:66:66:25:a4
  • ED25519 : SHA256:cbQ9er7E8tFacneNGj2ze09bQUapCuUni5JMiF+wH0A
  • RSA : MD5:ab:4b:dd:24:2a:22:eb:5a:74:2a:72:ed:9c:d1:ad:6f
  • RSA : SHA256:qdZ/jPc7HODpO2BmCtJxO51jFZVt1t6fjjbtiUAZemI

Some SSH clients (for instance tectia ssh) display the fingerprints in the bubble babble format:

  • ED25519 : xedal-cofeh-dakod-vaful-rolus-hazys-ruvub-caloh-bogef-rereb-zuxox
  • RSA : xibef-zopuc-tyrur-cukuz-latav-zadah-gemeh-rihin-rigis-cugys-haxux


How to remove the old key and add the new one

Linux/Mac OS X

Please remove the old host key with the following command

ssh-keygen -R euler.ethz.ch

After removing the old host key, you need to login again, compare the displayed host key with the ones published on our wiki and accept the new one in case it is matching.

Windows

If you are using PuTTY, then you can remove the old host keys in the Windows registry.

  • Start regedit.exe
  • Navigate to HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys
  • Delete the host key for euler.ethz.ch

After removing the old host key, you need to login again, compare the displayed host key with the ones published on our wiki and accept the new one in case it is matching.