SOLUTIONS > WHITEPAPERS > SECURE SHELL HOST KEYS
Send us a question or comment

Accepting a new host key

If the host key does not match an existing key in the client application's host key database, a challenge message is generated by the client application. An example text message and dialog box are shown below.

The host key database does not contain an entry for the hostname myserver, which resolved to 192.168.0.29, port 22.

It is recommended you verify your host key before accepting.

Server's host key fingerprint (MD5 hash):

14:09:26:bc:13:24:31:5c:f7:6c:39:94:f7:4d:52:14

If you trust this host, enter "y" to add the key to the host key database and connect. If you do not trust this host, enter "n" to abandon the connection.

Accept and save? (y/n)

If you're using a Windows client, you may see a dialog such as:

Many users, not understanding exactly what the text or dialog means, simply accept the new host key. Accepting the key is problematic if the user does not know for certain that the host key it has just accepted is actually from the server that the client believes it is connecting to.

  << Accepting a new host key page 2