Controls/gitea-pages
0
2
Fork 0
Code Pull Requests Actions Activity
Files
3f8b3e7fdac656ec8d2e53ac977ad93a76e3443a
gitea-pages/user-guide/ssh_host_key_certificates.md
Konrad Bucheli f17afaf020 RSA makes trouble
2024-01-12 08:14:59 +01:00

943 B
Raw Blame History

SSH Host Key Certificates

The SSH host keys of Puppet managed Linux hosts have a certficate which avoids below key acceptance question:

$ ssh hipa-gw
The authenticity of host 'hipa-gw (129.129.197.23)' can't be established.
ECDSA key fingerprint is SHA256:aRuVOefLvadIyDTxlSglDNylKG6eww2ZW0ddZs97dUo.
ECDSA key fingerprint is MD5:a8:be:15:24:9c:2b:82:7f:9d:9f:88:3f:e4:8c:df:cd.
Are you sure you want to continue connecting (yes/no)?

To accept SSH host keys with a certificate, please update either ~/.ssh/known_hosts (your user only) or /etc/ssh/ssh_known_hosts (system-wide) as follows:

# SSH host key certficate CA manged by PSI Puppet
@cert-authority * ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBF2xLCCHNmXSeY+qNPmdo/jO2AXrcHyQDqZLBzWVwk2/GqMRDl4mavZLBPyQPNeLGAPc+BHg7iRC65wQQEeYOVU=
@cert-authority * ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhIx/obIiiO9AtrUgj7pF8kAgv4g9Dp+DRXilkmlkxK
View Git Blame Copy Permalink