Manuals / Black Box / Computer Equipment / Server

Black Box LES144BA, LES1332A, LES1408A, LES1416A Fingerprinting, Ab7e33bd85505a430be0bd433f1ca5f8

Models: LES1116A LES110BA LES1308A LES1348A LES144BA Value-Line and Advanced Console Servers LES114BA LES1432A LES1332A LES1316A LES1416A LES1208A-R2 LES1132A LES1216A-R2 LES1232A LES1248A-R2 LES1408A

1 286
Download 286 pages 6.23 Kb
Page 257
Image 257

To automate connection of the SSH tunnel from the client on every power-up you need to make the clients /etc/config/rc.local look like the following:

#!/bin/sh

ssh -L9001:127.0.0.1:4001 -N -o StrictHostKeyChecking=no testuser@<server-ip> &

This will run the tunnel redirecting local port 9001 to the server port 4001.

15.6.6 Fingerprinting

Fingerprints are used to ensure you are establishing an SSH session to who you think you are. On the first connection to a remote server you will receive a fingerprint that you can use on future connections.

This fingerprint is related to the host key of the remote server. Fingerprints are stored in ~/.ssh/known_hosts.

To receive the fingerprint from the remote server, log in to the client as the required user (usually root) and establish a connection to the remote host:

# ssh remhost

The authenticity of host 'remhost (192.168.0.1)' can't be established. RSA key fingerprint is 8d:11:e0:7e:8a:6f:ad:f1:94:0f:93:fc:7c:e6:ef:56. Are you sure you want to continue connecting (yes/no)?

At this stage, answer yes to accept the key. You should get the following message:

Warning: Permanently added 'remhost,192.168.0.1' (RSA) to the list of known hosts.

You may be prompted for a password, but there is no need to log in— you have received the fingerprint and can Ctrl-C to cancel the connection. If the host key changes you will receive the following warning, and not be allowed to connect to the remote host:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! @

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@

Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed.

The fingerprint for the RSA key sent by the remote host is

ab:7e:33:bd:85:50:5a:43:0b:e0:bd:43:3f:1c:a5:f8.

Please contact your system Administrator.

Add correct host key in /.ssh/known_hosts to get rid of this message.

Offending key in /.ssh/known_hosts:1

RSA host key for remhost has changed and you have requested strict checking. Host key verification failed.

_____________________________________________________________________

724-746-5500 blackbox.com

Page 257

Page 256 Page 258
Page 257
Image 257
Black Box LES144BA, LES1332A, LES1408A Fingerprinting, Ab7e33bd85505a430be0bd433f1ca5f8, Offending key in /.ssh/knownhosts1
Page 256 Page 258