wiki:faq/security/fingerprints

Version 14 (modified by Jamie McClelland, 15 years ago) (diff)

--

What's a Fingerprint?

IMPORTANT: Due to a security problem with the way keys were generated, most host keys are being updated the week of 2008-05-14! That means when you connect to a server that has been updated, you may get a warning that the host key has changed. Be sure to check the current host key fingerprint (see below) to ensure that the connection is secure.

The first time you connect to one of our servers using an ssh-based connection (either via SFTP or ssh), your client program should warn you that you are connecting to a server that you have never connected to before. This warning is important! You do not want to risk connecting to the wrong server, because you will essentially be handing this server your username and password.

With the ssh protocol, servers are identified by "fingerprints." Fingerprints are extremely difficult to forge, so if your program reports that the server you are connecting to has a fingerprint that matches the true fingerprint of the server, you can safely connect.

Below are the fingerprints of our shared hosting servers. Please check your "Primary host" (by logging into our Members control panel) and match up your primary host with the proper fingerprint. If your Secure FTP program reports the same fingerprint as listed below, you can instruct your Secure FTP program to "Always accept" that fingerprint. Then, you will only be warned if the fingerprint changes for some reason.

Before the host key, you may see numbers like "1024" or "2048"; these numbers indicate the length of the key, but are not part of the key itself.

To find a fingerprint for a file, click on the server from our server list and then click on the fingerprint file.

The most commonly used server fingerprints are below for easy reference: