SSH - Host Key (or Ssh Public Key)

host keys are just ordinary SSH key pairs. Each host can have one host key for each algorithm.

You should get an SSH host key fingerprint along with your credentials from a server administrator in order to prevent man-in-the-middle attacks.

The host keys are usually automatically generated when an SSH server is installed but you can recreate them on the server with keygen

• for Cryptography - RSA (Rivest–Shamir–Adleman)

ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key

2048 0d:f4:2e:7b:be:e1:4c:0b:06:52:2b:4d:a4:51:1f:74 /etc/ssh/ssh_host_rsa_key.pub (RSA)

• Others

ssh-keygen -l -f /etc/ssh/ssh_host_dsa_key
ssh-keygen -l -f /etc/ssh/ssh_host_ecdsa_key

• On the client: see SSH - Known Hosts File

On the server: Host keys are stored in the /etc/ssh/ directory.

The host keys are almost always stored in the following files:

/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_ed25519_key
/etc/ssh/ssh_host_rsa_key

ls /etc/ssh/*.pub

/etc/ssh/ssh_host_dsa_key.pub
/etc/ssh/ssh_host_ecdsa_key.pub
/etc/ssh/ssh_host_ed25519_key.pub
/etc/ssh/ssh_host_rsa_key.pub

cat /etc/ssh/ssh_host_rsa_key.pub

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDwnFlKBk9t/pfd7vQGBrk+JNghDFJRa7G0rLrIoXUTtxconS7qZsZyTfEeh+l2cowWpKxpf03KyxouT7B3IdNjwXWHNKloQcE/8FYLhlcVw+Aicji5oUMdTfTberzCluYIyz4PUwE8rmgNejQbVLhl+lOfoacPMUJ4P6ahQ71WFTmFTEZ+CFnAmHeqtG7scl53DkICnXPkZ+57ymh1WM9h0kYFxVcZBXg7BOZpI/wrXkuWRXU6wpYHS481q/pjJTiLXZGIQhcXg1/inOCMgC1B9W92Rq/aviknWSS98/xQi2JbduG7Jw9Dn523Rs3nutUAQ6CMK7owjVtnvb54Bs1B [email protected]

The fingerpint of a public key consists of the MD5 of the public key. This is the same data that is base64 encoded to form the body of the public key file.

See The Secure Shell (SSH) Public Key File Format

• The Secure Shell (SSH) Public Key File Format