login about faq

We are having to cleanup some user accounts on a collection of production servers. In theory they should all have the same usage on them but we have noticed that the ~/.ssh2/hostkeys/keys files are all over the board. Our base install doesn't even have that directory and we are seeing some sites with that directory, some without. Those with it we are seeing 1 or more keys_ files.

Since we don't want to run the risk about breaking some undocumented processes we need to try and identify what servers these servers were connecting to. Is there a way to decrypt those hostkeys entries?

Example

$ cat keys_008136b250f03e2e6fe2ec96ec6acc788742c06a 20ef3b9a68e4fb5bc6c8f63419840ed8299cf2bb <=== How do I figure out what host this is?

asked Apr 10 '13 at 01:31

Wiglaf1979's gravatar image

Wiglaf1979
1112

edited Apr 10 '13 at 01:33


As the documentation says: to hide the server host names is a “security feature”. You would have to crack the cryptographic hash algorithm to get the original name. The only thing you can do is to guess what servers could be present among the saved ones and check which file is it using command:

$ ssh-keygen-g3 -F <server>#<port>

or

$ ssh-keygen-g3 -F <server>

Also the GUI configuration tool has the same feature.

If you prefer to see the server names in key filenames you can configure it client configuration file:

<known-hosts path="$HOME/.ssh2/hostkeys" filename-format="plain" />

It can be changed also globally for all users.

With regards

Martin

link

answered May 11 '13 at 23:11

Martin%20Dobsik's gravatar image

Martin Dobsik ♦
599126

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×2
×1
×1

Asked: Apr 10 '13 at 01:31

Seen: 2,308 times

Last updated: May 11 '13 at 23:11

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.