When an SSH client connects to a server for the first time, it displays the fingerprint of the system's SSH public key. You, the user, are supposed to verify the fingerprint before you accept the connection (to protect against a spoofing attack on first connection). Once you accept the ssh client remembers the key & will allow connections to that server in the future & won't bother for a confirmation in the future unless the key changes.
Does anyone know how to either: A) Display the SSH key fingerprint on the router itself or B) Know of a Windows based tool that can take the public key that the router will display and compute the fingerprint? Thanks in advance.
I think we don't have a way to see the "fingerprint" on either PIX or IOS. The only thing we can do is to check the RSA keys by typing these commands: show crypto key mypubkey rsa (in Routers) and show ca mypubkey rsa (in PIX).
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...