Add OpenSSH and ECDSA post.

author W. Trevor King <wking@drexel.edu>

Fri, 16 Dec 2011 00:32:33 +0000 (19:32 -0500)

committer W. Trevor King <wking@drexel.edu>

Fri, 16 Dec 2011 00:32:33 +0000 (19:32 -0500)
author W. Trevor King <wking@drexel.edu>
Fri, 16 Dec 2011 00:32:33 +0000 (19:32 -0500)
committer W. Trevor King <wking@drexel.edu>
Fri, 16 Dec 2011 00:32:33 +0000 (19:32 -0500)
diff --git a/posts/OpenSSH_and_ECDSA.mdwn b/posts/OpenSSH_and_ECDSA.mdwn

new file mode 100644 (file)

index 0000000..fdd9441
--- /dev/null
+++ b/posts/OpenSSH_and_ECDSA.mdwn
@@ -0,0 +1,19 @@
+OpenSSH since 5.7 prefers ECDSA over RSA and DSA keys, but you may get
+errors such as:
+
+    Error calculating host key fingerprint.
+    ...
+    The fingerprint for the ECDSA key sent by the remote host is
+    ...
+    Offending RSA key in /home/troll/.ssh/known_hosts:10
+    ...
+
+There seems to be no way to use the old RSA public key in you
+`known_hosts` to automatically trust the new ECDSA key.  You'll have
+to either copy `/etc/ssh/ssh_host_ecdsa_key.pub` into your
+`known_hosts` file by hand, or do the usual
+[[fingerprinting|fingerprints]].
+
+See [Phil Pennock's (the Grumpy Troll) post][gt] for more details 
+
+[gt]: http://bridge.grumpy-troll.org/2011/01/openssh.html
author	W. Trevor King <wking@drexel.edu>
	Fri, 16 Dec 2011 00:32:33 +0000 (19:32 -0500)
committer	W. Trevor King <wking@drexel.edu>
	Fri, 16 Dec 2011 00:32:33 +0000 (19:32 -0500)