
I have a cloud server with IP address 39.106.xx.xxx hosted on Aliyun. I generated an RSA 2048 ssh keypair (~/.ssh/rsa_bj.pub and ~/.ssh/rsa_bj) on my local laptop using ssh-keygen, and imported the public key file to the server through the Aliyun console web page.

When I connect to the server with ssh, it shows the fingerprint of my public key, beginning with Meg4xe. But this fingerprint does not match my local fingerprint, which I got with ssh-keygen -l -f ~/.ssh/rsa_bj.pub, beginning with qEqyMv.

Does this mean that I ran into a man-in-the-middle attack? Or does it mean that the two fingerprints were calculated using different hash algorithms on the same public key?

[Screenshots in the original post: my ssh config file; my commands]

Fan Jin
  • Although the fingerprints do not match, I can login to the server using the keypair specified in the `config` file. – Fan Jin Aug 29 '18 at 20:20
  • The fingerprint shown to you by `ssh` was the fingerprint of the host key, not the fingerprint of your user key. This host key is then saved in your `.ssh/known_hosts`. – alvits Aug 29 '18 at 21:11
  • Thank you, @alvits. Now I know the difference between host keys and user keys. But I still do not know how to verify that I'm not in a MITM attack, since the only thing I can be sure of is the public user key. I cannot plug in a monitor into that server to check the fingerprint because it's a cloud server. – Fan Jin Aug 30 '18 at 07:18
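
The distinction raised in the comments, as an added worked example that is not part of the original post or its comments. Both fingerprints in the question (starting `Meg4xe` and `qEqyMv`) have the base64 shape that OpenSSH prints by default for SHA256 fingerprints, so they are fingerprints of two different keys, not two hashes of the same key: the one `ssh` shows on first connection is the server's host key, the one from `ssh-keygen -l` is the user key. The code below reimplements in Python what `ssh-keygen -l -f key.pub` does (SHA256 and legacy MD5 fingerprints of the key blob) and what `ssh-keygen -F hostname` does (look up the pinned host key in `known_hosts`, including hashed hostname entries), and then checks whether a fingerprint ssh displayed is the one already pinned for that host. The keys, hostname and `known_hosts` content are constructed placeholders, not real keys or the asker's server.

```python
"""Compute OpenSSH fingerprints and check a displayed host key against known_hosts.

Added example, not code from the original post. Sample keys and hosts below
are constructed (arbitrary bytes, documentation-range IP), not real data.
"""
import base64
import hashlib
import hmac
import struct


def _ssh_string(data: bytes) -> bytes:
    """Encode one RFC 4251 'string' field: 4-byte big-endian length + bytes."""
    return struct.pack(">I", len(data)) + data


def make_ed25519_pubkey_line(raw32: bytes, comment: str) -> str:
    """Build an OpenSSH public-key line for a constructed ed25519 key.

    The wire blob is two RFC 4251 strings: key type, then the 32-byte public
    point. A real key comes from ssh-keygen; raw32 here is just 32 bytes.
    """
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(raw32)
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"


def parse_pubkey_line(line: str) -> tuple[str, bytes]:
    """Return (key_type, blob) from an authorized_keys/known_hosts style key.

    The key type is repeated inside the blob as its first string; a mismatch
    means a corrupted or tampered line, so it is rejected.
    """
    fields = line.split()
    key_type, blob = fields[0], base64.b64decode(fields[1])
    (tlen,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + tlen] != key_type.encode():
        raise ValueError("key type field does not match blob")
    return key_type, blob


def fingerprint_sha256(blob: bytes) -> str:
    """Default OpenSSH fingerprint: 'SHA256:' + unpadded base64 of sha256(blob)."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def fingerprint_md5(blob: bytes) -> str:
    """Legacy fingerprint (ssh-keygen -E md5): 'MD5:' + colon-separated hex."""
    digest = hashlib.md5(blob).hexdigest()
    return "MD5:" + ":".join(digest[i:i + 2] for i in range(0, 32, 2))


def hash_hostname(hostname: str, salt: bytes) -> str:
    """Hashed known_hosts host field: |1|base64(salt)|base64(HMAC-SHA1(salt, host))."""
    mac = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return f"|1|{base64.b64encode(salt).decode()}|{base64.b64encode(mac).decode()}"


def known_hosts_fingerprints(known_hosts: str, hostname: str) -> list[str]:
    """SHA256 fingerprints of every key pinned for hostname, like `ssh-keygen -F`.

    Handles plain (comma-separated) host lists and hashed |1|...| entries;
    comments and '@cert-authority'/'@revoked' marker lines are skipped.
    """
    found = []
    for line in known_hosts.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or line.startswith("@"):
            continue
        hosts, key_type, key_b64 = line.split()[:3]
        if hosts.startswith("|1|"):
            _, _, salt_b64, _ = hosts.split("|")
            expected = hash_hostname(hostname, base64.b64decode(salt_b64))
            matches = hmac.compare_digest(expected, hosts)
        else:
            matches = hostname in hosts.split(",")
        if matches:
            _, blob = parse_pubkey_line(f"{key_type} {key_b64}")
            found.append(fingerprint_sha256(blob))
    return found


def host_key_is_known(known_hosts: str, hostname: str, shown_fp: str) -> bool:
    """True if the fingerprint ssh displayed is already pinned for that host."""
    return shown_fp in known_hosts_fingerprints(known_hosts, hostname)


def demo() -> dict:
    """Constructed user key, host key and known_hosts; returns what each check says."""
    user_line = make_ed25519_pubkey_line(b"\x01" * 32, "user@laptop")   # constructed
    host_line = make_ed25519_pubkey_line(b"\x02" * 32, "server-host-key")  # constructed
    _, user_blob = parse_pubkey_line(user_line)
    _, host_blob = parse_pubkey_line(host_line)
    known_hosts = "\n".join([
        "# constructed known_hosts, not a real file",
        f"198.51.100.7 {host_line}",
        f"{hash_hostname('server.example', bytes(range(20)))} {host_line}",
    ])
    return {
        "user_fp": fingerprint_sha256(user_blob),
        "user_fp_md5": fingerprint_md5(user_blob),
        "host_fp": fingerprint_sha256(host_blob),
        # Same key, two algorithms: both describe the host key.
        "host_fp_md5": fingerprint_md5(host_blob),
        "host_pinned_by_ip": host_key_is_known(known_hosts, "198.51.100.7", fingerprint_sha256(host_blob)),
        "host_pinned_by_hashed_name": host_key_is_known(known_hosts, "server.example", fingerprint_sha256(host_blob)),
        # The user key's fingerprint is never what ssh shows for the host.
        "user_fp_pinned_for_host": host_key_is_known(known_hosts, "198.51.100.7", fingerprint_sha256(user_blob)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

To compare against the real thing: `ssh-keygen -l -f ~/.ssh/rsa_bj.pub` prints the user key's SHA256 fingerprint (add `-E md5` for the legacy form), and `ssh-keygen -F 39.106.xx.xxx -l` prints the host key fingerprint currently pinned in `~/.ssh/known_hosts`. The pinned value can only prove continuity, not first-contact authenticity; for that the host key fingerprint has to be obtained over a path the network attacker does not control, such as running `ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub` (or the RSA/ECDSA equivalents) on the instance through the provider's out-of-band VNC or serial console, or reading the fingerprints that cloud-init writes to the instance console log at first boot.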
