When setting up SSH capability between two Linux machines, I am faced with:
The authenticity of host 'x.x.x.x (y.y.y.y)' can't be established. ECDSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx. Are you sure you want to continue connecting (yes/no)? I use the following command (in the subject host (server)) to verify said fingerprint is the correct one:
ssh-keygen -l -f /etc/ssh/ssh_host_ecdsa_key.pub However, when setting up SSH capability from a Linux SSH client to a Windows 10 SSH server, when faced with the same challenge, how do I pull said ECDSA key fingerprint from said Windows 10 SSH server?
2 Answers
The Windows 10 SSH server is also OpenSSH and includes the same commands. It stores the host keys in C:\ProgramData\ssh.
ssh-keygen -lf C:/ProgramData/ssh/ssh_host_ecdsa_key.pub ssh-keyscan localhost | ssh-keygen -lf - Third-party SSH servers might have their own commands, e.g. Bitvise WinSSHD has a graphical interface for host key management, but ssh-keyscan would work with those as well.
Turns out I am using an old version of SSH (6.7) . In order to get the ECDSA key fingerprint in the same format as shown in the OP, the following command, run with Admin privileges on the Windows 10 host, is required:
ssh-keygen -l -E md5 -f C:/ProgramData/ssh/ssh_host_ecdsa_key.pub I was able to cobble together this command thanks to info I received from user1686