When setting up SSH capability between two Linux machines, I am faced with:

The authenticity of host 'x.x.x.x (y.y.y.y)' can't be established. ECDSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx. Are you sure you want to continue connecting (yes/no)? 

I use the following command (in the subject host (server)) to verify said fingerprint is the correct one:

ssh-keygen -l -f /etc/ssh/ssh_host_ecdsa_key.pub 

However, when setting up SSH capability from a Linux SSH client to a Windows 10 SSH server, when faced with the same challenge, how do I pull said ECDSA key fingerprint from said Windows 10 SSH server?

2 Answers

The Windows 10 SSH server is also OpenSSH and includes the same commands. It stores the host keys in C:\ProgramData\ssh.

ssh-keygen -lf C:/ProgramData/ssh/ssh_host_ecdsa_key.pub 
ssh-keyscan localhost | ssh-keygen -lf - 

Third-party SSH servers might have their own commands, e.g. Bitvise WinSSHD has a graphical interface for host key management, but ssh-keyscan would work with those as well.

0

Turns out I am using an old version of SSH (6.7) . In order to get the ECDSA key fingerprint in the same format as shown in the OP, the following command, run with Admin privileges on the Windows 10 host, is required:

ssh-keygen -l -E md5 -f C:/ProgramData/ssh/ssh_host_ecdsa_key.pub 

I was able to cobble together this command thanks to info I received from user1686

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy