Having problems with your account or logging in?
A lot of changes are happening in the community right now. Some may affect you. READ MORE HERE

NA - Verify SSH fingerprint to prevent man-in-the-middle attacks

NA - Verify SSH fingerprint to prevent man-in-the-middle attacks

When using an ssh client (e.g. openssh), the ssh client receives a fingerprint from the server to which it connects. When the user accepts the fingerprint the connection will be established and the fingerprint is stored locally. The next time a connection is made to the same server the ssh client compares the fingerprint of the server to the one that was saved from the previous session. If the fingerprint does not match an error message is displayed and the connection will be aborted. This mechanism prevents a man-in-the-middle attack. A man-in-the-middle can simply retrieve sensitive information like username and passwords.
NA does not check for the fingerprint in the web gui nor the ssh console.

3 Comments
Micro Focus Expert
Micro Focus Expert
Changed the status to Waiting for Votes.
Micro Focus Expert
Micro Focus Expert
Status changed to: Waiting for Votes
 
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor
Status changed to: Accepted
 
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.