Chris <[email protected]> writes:
> I've recently enabled VisualHostKey yes in my .ssh/config file. I
> would like to hear from people who are using it and how they are
> finding it useful.
Not much to say, really. The assumption that the ASCII-art picture
gives you a fairly unique shape per host that stands out more than a
change in a string of hex digits seems to be correct at least in my case.
One practical example - if you're used to seeing
Host key fingerprint is 67:88:39:bd:7f:3c:df:a5:47:87:de:bd:9b:5e:7b:55
and one morning when you've had way too little coffee you may not
notice anything different if the machine greets you with
Host key fingerprint is 4b:b3:3e:54:54:ae:f0:0f:8d:28:10:d2:db:53:77:3f
but you likely would notice the difference between
+--[ RSA 1024]----+
| |
| |
| |
| + . E|
| + S o ..|
| . + . +|
| . . . o*|
| . + .oX|
| .. o+B=|
+-----------------+
and
+--[ RSA 1024]----+
| ... .. |
| ... . o.. |
| .o ..o ... |
| ..o +.+ E |
| ..S.= . . |
| o.+ o |
| .o . |
| .. |
| .. |
+-----------------+
(both actual samples from machines in my care)
so yes, I think it's a helpful feature.
- Peter
--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
