login about faq

when executing this command

sshg3 userid1@hostname1

I get the following error:

****Host key for the host "hostname1" not found from database****

The fingerprint of the host public key is:
"xxx-xxx-xxxx"

You can get a public key's fingerprint by running
% ssh-keygen-g3 -F publickey.pub
on the key file.

Please select how you want to proceed.
    cancel) Cancel the connection.
      once) Proceed with the connection but do not save the key.
      save) Proceed with the connection and save the key for future use.
Please select one (cancel, once, save): save

How can I fix this "host key not found from database" error?

asked Dec 28 '09 at 17:46

Tuan's gravatar image

Tuan
21112

edited Sep 21 '11 at 17:39

SSH%20KB's gravatar image

SSH KB ♦
509249246237


This normally happens when you take a connection to a host for the first time. The host provides its identification, a host public key, and this dialog shows you the fingerprint of the key.

When you see this dialog you should verify the validity of the fingerprint, for example by contacting the administrator of the remote host computer and asking her to verify that the key's fingerprint is correct. If the fingerprint is not verified, it is possible, although unlikely, that the server you are connecting to is not the intended one (this is known as a man-in-the-middle attack).

After you have verified the fingerprint, type "save" to save the host public key. For subsequent connections, the host key is verified using the key saved on disk and you won't see this dialog anymore.

Because the attack scenario is unlikely, most people choose to blindly answer "save" to this prompt. The solution is to obviate the need for the host key dialog altogether:

  • Use Tectia Manager or some other means to automatically distribute trusted host public keys across your hosts.
  • Use X.509 certificates instead of host keys. You only need to distribute the trusted CA certificate to client hosts.
link

answered Dec 28 '09 at 19:11

Ville%20Laurikari's gravatar image

Ville Laurikari ♦
131129

Also as of version 6.1.4 it's possible to configure Tectia client to use a Trust-on-first-use model for server host keys. This will automatically save the host key when connecting to a server for the first time but fail the connection if the server's host key changes for some reason.

(Jan 13 '10 at 19:08) Roman ♦♦ Roman's gravatar image
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×60
×17

Asked: Dec 28 '09 at 17:46

Seen: 7,450 times

Last updated: Sep 21 '11 at 17:39

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.