From: W. Trevor King Date: Fri, 16 Dec 2011 00:32:33 +0000 (-0500) Subject: Add OpenSSH and ECDSA post. X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=de9d7274f23e7d9168d205b8ebf3546492797383;p=mw2txt.git Add OpenSSH and ECDSA post. --- diff --git a/posts/OpenSSH_and_ECDSA.mdwn b/posts/OpenSSH_and_ECDSA.mdwn new file mode 100644 index 0000000..fdd9441 --- /dev/null +++ b/posts/OpenSSH_and_ECDSA.mdwn @@ -0,0 +1,19 @@ +OpenSSH since 5.7 prefers ECDSA over RSA and DSA keys, but you may get +errors such as: + + Error calculating host key fingerprint. + ... + The fingerprint for the ECDSA key sent by the remote host is + ... + Offending RSA key in /home/troll/.ssh/known_hosts:10 + ... + +There seems to be no way to use the old RSA public key in you +`known_hosts` to automatically trust the new ECDSA key. You'll have +to either copy `/etc/ssh/ssh_host_ecdsa_key.pub` into your +`known_hosts` file by hand, or do the usual +[[fingerprinting|fingerprints]]. + +See [Phil Pennock's (the Grumpy Troll) post][gt] for more details + +[gt]: http://bridge.grumpy-troll.org/2011/01/openssh.html