Client Login 
Community 
Contact Us 
LinkBack URL
About LinkBacksWhen logging into the shell with PuTTY, a message box pops up that gives a message "The server's host key is not cached in the registry... The server's rsa2 key fingerprint is... If you trust this host hit yes..."
How do I go about finding out what the server's key is so that I can trust it?Do I have to get this from support?
Welcome to the JaguarPC Community
Results 1 to 4 of 4
This is a discussion on PuTTY and the server's RSA Key in the Shared & Semi-Dedicated forum
When logging into the shell with PuTTY, a message box pops up that gives a message "The server's host key is not cached in the ...
-
01-13-2005, 07:58 PM #1Loyal Client
- Join Date
- Oct 2004
- Posts
- 9
PuTTY and the server's RSA Key
-
01-13-2005, 09:10 PM #2Old Hillbilly
- Join Date
- Sep 2001
- Location
- Hills of Missouri
- Posts
- 2,648
I'm not sure but I think you have to hit trust. That's what I did with 3 different sites. I had no reason to believe that my log in had been hijacked. After hitting trust you should not get that message again.
Forum Moderators - Jag Staff
Spam Whackers Blog - Dedicated to fighting Spam and providing General SEO Tips
Organize your Kitchen or purchase Kitchen Accessories at Condells
Ihelpyou Forum - Dedicated to "Best Practices" SEO
-
01-14-2005, 12:53 AM #3|| $name ne 'R.Stiltskin'
- Join Date
- Jun 2003
- Location
- Tejas
- Posts
- 2,438
Verifying the host key
You are being prompted to accept the "secure" server's host key for further communication. The presentation of that key by a server is to present a confirmable signature (A virtual "Hello, My Name is SafeComputer1 " and if you don't believe, me go ask the hostess) before you give them your name, password, and business card. If you don't trust the computer saying who it says it is, it allows you to withdraw your request and investigate further.
WinSCP, since it runs on Win32, stores the key in your PC's registry so that in between sessions, you can confirm that, while the IP may not have changed, the server's unique key ID did not either. (spoofing)
You'll have to accept this to avoid getting prompted everytime you connect but I don't believe it's mandatory to store it in your registry for putty to function... it's just an added feature to help you monitor connections between sessions when you have previously trusted a particular server in the past. If you are paranoid, ask the Jag administrator to send you a fingerprint by email so you can compare it to the one presented on connection. Actually, just accept the key from Jaguar and say yes (store it in your registry) and you'll be just fine. If a warning pops up later, you'll know something is wrong. Then you can worry.
-
01-14-2005, 06:57 AM #4Community Leader
- Join Date
- Sep 2001
- Location
- Rochester, NY
- Posts
- 6,003
Sometimes the keys do change, such as if a server crashes and gets rebuilt (I've had that happen to be a couple times, once here a long time ago and somewhere else), but normally it will not. So if you trust the key WinSCP will serve as your watchdog and warn you if the key ever changes. If you see that warning again then you'll know something has changed and you can follow up as appropriate.
--Jason
Reply With Quote
Posting Permissions
Get Social:
Copyright © 2011 JaguarPC.com
Bookmarks