wiki:faq/security/fingerprints

Version 1 (modified by Jamie McClelland, 12 years ago) (diff)

--

What's a Fingerprint?

The first time you connect to one of our servers using an ssh-based connection (either via SFTP or ssh), your client program should warn you that you are connecting to a server that you have never connected to before. This warning is important! You do not want to risk connecting to the wrong server, because you will essentially be handing this server your username and password.

With the ssh protocol, servers are identified by "fingerprints." Fingerprints are extremely difficult to forge, so if your program reports that the server you are connecting to has a fingerprint that matches the true fingerprint of the server, you can safely connect.

Below are the fingerprints of our shared hosting servers. Please check your "Primary host" (by logging into our Members control panel) and match up your primary host with the proper fingerprint. If your Secure FTP program reports the same fingerprint as listed below, you can instruct your Secure FTP program to "Always accept" that fingerprint. Then, you will only be warned if the fingerprint changes for some reason.

Before the host key, you may see the numbers "1024" - that indicates the length of the key, but is not part of the key itself.

viewsic.mayfirst.org: 1a:b7:72:b5:5f:a5:fc:73:a5:4c:f7:e8:33:80:5b:33
chavez.mayfirst.org: 6d:c8:59:bb:b9:c6:43:70:2d:b7:99:fa:a0:26:be:0d
malcolm.mayfirst.org: 90:1a:5a:21:3a:c9:c3:24:b4:96:3f:59:3e:ee:c5:ea
mandela.mayfirst.org: 91:43:95:42:ea:a9:c6:43:fc:08:0e:2d:8f:8a:fa:13