add SSH host key fingerprints (so users can self verify) #16

Open
opened 2025-10-23 16:12:59 +02:00 by viessm_h · 1 comment
Owner

I think we should add the SSH fingerprints to the user docs, within the pages for accessing the interactive nodes.

Something like:

SSH security strongly relies on the machine you are connecting to being trustworthy. This is achieved by using special Host Keys, which are presented to the SSH client. The user is normally prompted (when connecting for the first time) to verify that the Host Keys match up with what is expected on the server. In this way the user can know that they are connecting to a secured machine. For the Merlin7 login nodes, the SSH host key fingerprints are:

256 SHA256:JIRPllRmLDIRcufAQ5qrDCciGyaz/scj5vA0s9yzB48 login001.merlin7.psi.ch (ED25519)
256 SHA256:nnP4IeemgKFGEVQd0WF2k7bpwQ+Xcy+XlK5iz6LZz1U login002.merlin7.psi.ch (ED25519)

If the fingerprints are not the same as above, DO NOT confirm their validate and DO NOT enter your password! Please report the issue either via ServiceNow or directly via the Admin mailing list.

What do you guys think?
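An added example, not part of the original issue or the Merlin7 documentation: one way a user could check a scanned host key against the fingerprints quoted above before trusting it. The function names and the sample key are constructed for illustration; the sample key is not a real Merlin7 host key, so it is expected to report a mismatch.

```python
import base64
import hashlib
import hmac
import struct

# Published fingerprints copied from the issue text (`ssh-keygen -l` layout).
PUBLISHED = """\
256 SHA256:JIRPllRmLDIRcufAQ5qrDCciGyaz/scj5vA0s9yzB48 login001.merlin7.psi.ch (ED25519)
256 SHA256:nnP4IeemgKFGEVQd0WF2k7bpwQ+Xcy+XlK5iz6LZz1U login002.merlin7.psi.ch (ED25519)
"""

def parse_published(text):
    """Map hostname -> 'SHA256:...' from `ssh-keygen -l` style lines."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[1].startswith("SHA256:"):
            table[parts[2]] = parts[1]
    return table

def fingerprint(key_b64):
    """OpenSSH SHA256 fingerprint: unpadded base64 of SHA-256 over the key blob."""
    blob = base64.b64decode(key_b64, validate=True)
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_scanned_line(line, published):
    """Check one 'host keytype base64key' line (ssh-keyscan / known_hosts layout).

    Hashed known_hosts entries are not handled; the host field must be readable.
    """
    hosts, _keytype, key_b64 = line.split()[:3]
    host = hosts.split(",")[0]
    expected = published.get(host)
    if expected is None:
        return host, "UNKNOWN_HOST"
    same = hmac.compare_digest(fingerprint(key_b64).encode(), expected.encode())
    return host, "MATCH" if same else "MISMATCH"

def constructed_line(host, fill):
    """Constructed sample input: an ssh-ed25519 blob with 32 filler key bytes."""
    name, raw = b"ssh-ed25519", bytes([fill]) * 32
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", len(raw)) + raw
    return f"{host} ssh-ed25519 {base64.b64encode(blob).decode()}"

if __name__ == "__main__":
    published = parse_published(PUBLISHED)
    for sample in (constructed_line("login001.merlin7.psi.ch", 7),
                   constructed_line("other.example", 1)):
        print(*check_scanned_line(sample, published))
```

The expected table must come from a trusted channel such as the documentation page; a key line fetched over the network is only the value being checked.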

Owner

@viessm_h looks good to me! You have a typo here:

DO NOT confirm their validate


Reference: HPCE/gitea-pages#16