I am using Python's Paramiko to connect over SSH to a remote Ubuntu box hosted on a VPS provider. Using a Windows 7 based client machine, I am able to connect as follows:
```python
import paramiko
import binascii
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
ssh.connect(hostname='HOSTNAME', username='USERNAME', password='PASSWORD')
```
This is all good, but now I want to verify the host server's identity, and because I'm on Windows, Paramiko won't be able to fetch the known_hosts file or something like it. I tried the following code:
```python
#... after connection is successful
keys = ssh.get_host_keys()
key = keys['HOSTNAME']['ssh-rsa']
print binascii.hexlify(key.get_fingerprint())
# key.get_fingerprint() returns the md5 hash of
# the public part of the key (whatever that means)
```
which is giving an output similar to the following:
```
a42273f83e62d65cc87231a2ba33eff3
```
The thing is, on my VPS provider's cpanel, I have the RSA and DSA host key fingerprints listed as something like:
```
RSA 1b:c2:f4:8f:f2:86:fc:f2:96:ba:cc:24:41:e9:d7:86
DSA 36:b9:1f:ad:53:b5:c4:38:78:bf:cb:9d:38:fa:44:ce
```
and, as can be seen, none of the fingerprints match the generated one. How can I compare my manually generated fingerprint to the fingerprint values on the remote host's cpanel? Is what I'm doing correct?
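An added example, not part of the original question: it normalizes the plain-hex and colon-separated MD5 fingerprint forms shown above, compares them, and checks the server key before any password is sent instead of after an `AutoAddPolicy` connection. The helper names (`md5_fingerprint`, `normalize_md5`, `match_published`, `connect_verified`) are hypothetical; the Paramiko calls are its `Transport` API.

```python
import hashlib
import hmac

def md5_fingerprint(key_blob):
    """MD5 of the raw public key blob, as colon-separated hex pairs."""
    digest = hashlib.md5(key_blob).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))

def normalize_md5(text):
    """Reduce 'MD5:a4:22:..', 'a4:22:..' or 'A422..' to 32 lowercase hex chars."""
    text = text.strip().lower()
    if text.startswith("md5:"):
        text = text[4:]
    hexed = text.replace(":", "")
    if len(hexed) != 32 or any(c not in "0123456789abcdef" for c in hexed):
        raise ValueError("not an MD5 fingerprint: %r" % text)
    return hexed

def match_published(observed, published):
    """Return the key types whose published fingerprint equals the observed one."""
    seen = normalize_md5(observed)
    return [kind for kind, fp in published.items()
            if hmac.compare_digest(seen, normalize_md5(fp))]

def connect_verified(hostname, username, password, published, port=22):
    """Open a Paramiko transport and authenticate only if the host key matches."""
    import paramiko  # imported lazily so the helpers above run without it
    transport = paramiko.Transport((hostname, port))
    transport.start_client()  # key exchange only, no credentials sent yet
    key = transport.get_remote_server_key()
    observed = md5_fingerprint(key.asbytes())  # same digest as get_fingerprint()
    if not match_published(observed, published):
        transport.close()
        raise RuntimeError("host key %s is not a published fingerprint" % observed)
    transport.auth_password(username, password)
    return transport

# Values quoted in the question above.
OBSERVED = "a42273f83e62d65cc87231a2ba33eff3"
PUBLISHED = {
    "RSA": "1b:c2:f4:8f:f2:86:fc:f2:96:ba:cc:24:41:e9:d7:86",
    "DSA": "36:b9:1f:ad:53:b5:c4:38:78:bf:cb:9d:38:fa:44:ce",
}

if __name__ == "__main__":
    print(match_published(OBSERVED, PUBLISHED) or "no published fingerprint matches")
```
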