Learning Day Part 2 -- SSH Host Keys

I started reading about SSH and stumbled onto host keys. I decided to start reading about them, because while I know that individual SSH clients can have keys, I'd never really focused much on reading about host keys.

Short white paper I found

This is helpful in getting started: Understanding Secure Shell Host Keys.

Really, it's just a way to verify that the SSH server you are connecting to is the one you intend to connect to and that you aren't being man-in-the-middled. It's used to verify the server's identity.

I kind of see it as something of an SSL certificate for SSH instead or a webserver. The same way a cert signed by a trusted CA helps verify the identity of the server, the host key helps you be sure (well, mostly sure. I suppose a key can be compromised) that the server you are SSH'd into is the one you intended to connect to.

That's what's going on when you are connecting to a server for the first time and you see the message that says "the authenticity of host <hostname> can't be established." Once you approve it. You obtain the host's public key and your machine verifies that it's connecting to the right server the next time you SSH in. You shouldn't see the message again unless the host key changes. When this happens, it's always a good idea to verify that the change was intentional, you aren't connecting to the wrong host or you aren't being MitM'd.

You don't have to worry about manually creating the hostkey. It happens automatically when the SSH service first kicks off.

Oh well. Cool little bit of reading I did on that.