psgnet hosts' ssh public keys

From: Randy Bush 
Date: Tue, 3 Oct 2006 09:46:17 -1000
To: Randy Bush 
Subject: psgnet hosts' ssh public keys

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

you may have read in the net press of a software kit to give the kiddies a
'monkey in the middle' attack on ssh.  this attack kit does not espose any
flaw in the ssh protocols, but relies on fooling users into accepting a new
host key for the target host [1].

to help you help us guard against this attack, i have posted a pgp signed
message with a copy of the ssh fingerprints and keys for psgnet hosts as
.

you can verify my personal pgp signature against the public keyring.  you
may cut and paste these ssh keys into your ssh client's keyring [2].  this
gives you an authenticated 'out of band' source for the keys.

i will keep the  page current should any keys
change.  so, if you ever get a key warning message from an ssh-based tool,
DO NOT just say "ok."  please check the web page for any updates and install
them.  if you still get a warning message, then do not say "ok."  there is
someone, likely on your local network, attacking!

thanks for helping keep PSGnet a safe place to work.

randy

- - ---

dsa fingerprints and keys

psg.com:
1024 97:5e:54:6b:6b:aa:85:a1:e1:2e:13:2d:e6:93:7e:77
ssh-dss AAAAB3NzaC1kc3MAAACBAJm02kwooNNV0KHpFK7+DOG0IB1pCGHlZT5KxuFHUMjI8nSGjPy8jC3Is8vmIJYOCzinANqWjxYGVdampUFjLm4r/w5s7KS04XPXZixnev1HrVYsZqUjHuLd7RtLCoN78ybvJLHT4iiFx6GTiJlXThFRkhCvMef8fN/0l6xPt6NpAAAAFQCYPZg/RR+TQV7oqPvRCsVsOW2oCwAAAIBJJ3OMCIJU6mBeAIfY4HdndiFdR/z/90pzLs5w558ELH2/pMQRnL5FAejlcMBdxrLNFieDv1LHFTsFj14TdVP0v0Mf3mlSonrp+uhN3Hu/AiJmcB0T6hQYXPo7j/yTX5FhChhxDfabp3OOOPVEoi7hSL7vClh4Fwm5Z7Q//HiVMwAAAIAW6pNmmzRQZpS2/9RIZsI77rjC/Gki2CrXm4r9QpRXupu224Ifcr8scUvxBjjtPUhi/m5HrhfjS3Vy6Zqg1mkagD469IpBbba6bSJywZUDB9hSMiF+YlgUc3n+PqeDv9Ml3g12/8EFr1weJp+eCfnVil8iLbGOtinAog/TChZAJg== root@psg.com

rip.psg.com:
1024 66:07:61:ce:6b:6c:4d:b1:ca:2b:c3:6c:c6:df:aa:12
ssh-dss AAAAB3NzaC1kc3MAAACBAKpHV+aKdfTAbolXrPfao85Umij1/oY6Xh+oQ0z7+hrKTLNXW08pYnZUJDFMDmHCKBVT1nLDbCELe2fwH708MBKpJMbh9IuvL4ah2Eu23b0CNMNKqZvuEpVqSH7GC0SmrjAPejp4cKAVy9IjBVdqQWv2OLjm/Y+ofo7gDqaESUMzAAAAFQDSj/dlLzCxsvpthEY0tDraibtivQAAAIBrMyGa43CTgl2Glfrgp53QWa1kzZW9TUY7LBJbO2b7au9ZoI4ZpS9Sx581oMMTwJIOkAquFR/qbFdmuPTliJlf+mp9MmSAuI5rUSlaU8g5lwCUo6xRyXTpPNbGcbNLIxsdkKRCFkzIsj2QQKCRewXYHsGo7JpBBevn7N2v8PftMAAAAIBAEy255BmJppSV/K0w/QYW/tloa+p0UxUHUllr6DH8r3u81AXix5nr82jod8MiNvMylvQxJogmnNxLl2IPIF6YYHIRK3UHYAI32p5Su+7i0MopikF1STkUpzimhxCviwgMa6vA1codTFL7ToVWFeHyHYKwOG1XIRAn/uqtMFF9LA==

work0.psg.com:
51:57:b8:d6:66:af:ed:70:1c:ef:71:c7:63:02:0d:2f
work0.psg.com ssh-dss AAAAB3NzaC1kc3MAAACBALSkOPo09frD4Eg4XO45bJ/P5iiXVPTQnJI6rPWymXtBsQ8wPz/OAidzDI6wpf6r26XLI3uvoiUOmWfwfOG1ZmL42TpSJUFXpSB7HuwOFk61pR/3iNcgu63KrXrSf9gpDAQd24rkgbnv2vwVki++T9L3wfrwo7y0LrK+1vgt/6vfAAAAFQDsg0+s+7UlIIWKLBNaf2mUvasJuQAAAIAUu8l57Es8NYLvwQRc51qbvEslW+40LiU/Ypdnk1M128S/7f9ep0XEHINOjhKdvWxQzTe4YAtsWOJilP7tlJKwbtN8Us64dMWgi6NWwXk4KaQEPQFu6n89cgFNKDKqMAlIXy86I89beQrJSguIFXn76EuP4ZwOfn2QIUsDN1WsSgAAAIEAmsDybui0XApH3BO4+wAdmOzs6bivYDRWWpnZw0zZNAV8+Aw5KHOnWP+rNCxbOWewNVOu2rHPP24kEv/B1dGKEdrw6zKy04rz+blx4k8aOwXo3rJvFoZwWTJpmTKeVPia9hctV1VDrFlv36c9s+z9RYy2dstNl+FF/YTLuIbqDSs=

raid0.psg.com
4d:dc:08:3b:cd:e6:93:e2:4e:2e:e3:d4:58:fa:66:e7
raid0.psg.com ssh-dss AAAAB3NzaC1kc3MAAACBAJ6cx5I0XycvhrLDK+aGUhXR+1kagLXYZWnLPyY8G70bkBTX9w+cPQdFRU02ZYjUlqOxwByfTW+NEkTqEFGFtiMRhFoPPoRWH5Le4g7reFscRCkg5l5zf38VQZ3tHNYY+futKNYsvHFwJFgIV4W+GaBdOgK9TNUcgmPmEqSGDe2LAAAAFQC+Z1YbMWhm0OzpXIh0dlBe6HRXIwAAAIBqWWp9IwGmUdPHM/XhKEFNQsQqIXlGRMT7oz0GJama29e434K8iIdOcYjwR7VKCg80LbGMC1WH6isCKQJWQ44RVfWlpZJV+miBtPnbkvvuE9CPcxdf4vKA6ydS+4dx3ZB3LbpLZnmBlVdqaFvpjgmeF6h12L598/J5Dv3yqq+kPQAAAIEAh/KrvSx2ae5IUyYTXXgi9TwK82r6eb602lKt3Zu/Sz9y0YHu8rBpXkMTVSzL9kHVF6Q2PLqnntBMVlA9e+thOMct++hsy9hkWm9HKaRmdC/nw44KBJymlIZFTCqDc+y7AF07rDJHeBVrzisONA1YHAYDB4bkE+mYbE5gvld/Bqs=

- ---

rsa fingerprints and keys

psg.com:
d2:2b:f1:17:75:0d:c9:86:74:71:e2:00:62:0f:22:02
psg.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA0zXTAUwgOdLUwUGAAasy5NS6cvNRaC887b7YmHKpMNUHyxhO5JEz3d4Pc+Kf9+SK4FHe2lCGcvkc+ipoGs4peDnVJrauPFLR3bfABRjriccfbM6QjjNxeJuys16F+y6Bqoi7EFLIa6a5a9I0XscxZwT/gCcT20BKhUYkC1qFXrM=

rip.psg.com:
13:c4:5a:1c:0f:2b:5e:ef:ca:3b:bf:f8:fc:7e:05:f1
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA1KvkLe8OzidHRYJR+aLmuVdksIuhNcdfNL5pcGOyzJbKnihlPFSp0tpwHbQ8mxgYJ2hkSRhsh+UrqYCqmDFhS0I+4a47V0FtIsKYLh5PmvyvxDwFyiPugm4ifuZDdWUDsv5QmmXYqzOkVh11JTmwq3qtB8gSsYUB6Rkqn0LpW7s=

work0.psg.com:
62:e0:63:d7:9a:7a:79:9a:7f:13:3d:6f:b6:14:fe:4a
work0.psg.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAx15pNJ+IpgbijMmdAnxJe2LuGNwU/7VYoxDSgv5hwbHwYUQGWwds0/8HpOEPvTSzpjiXHbn6saDD9NycyOmuny2TuuNwSxRfdRlhJ5ooS0FWqPVOPcwYvt2rBNcli19j4+B4al5ffiKwLUl559Hk9dIwjT7J4Vtpcg429FVsd78=

raid0.psg.com
48:44:60:77:db:5b:42:b3:4b:7f:17:66:43:7c:b1:24
raid0.psg.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA1gTxxTillGXJsAdZexpYE3051BPvUEhyWILZDiXvwc5oQbEd1D8grulW7j7RfWj1NWAx8w9sRhhjd+EZ/1TN2FeItXU72fliCkLjN7iTQxx7M88wP9TB+RxRt//EDAGQIzk2487/N+tg2Z5ZYytJDF82anoW0qhwjDkSOsgW04c=

- ---

[1] e.g. when you first connect to a host for which you do not already have
    a key, you are asked if you wish to accept the host's key.  or you
    ignore "this is not the key we know for this host" warnings.

[2] different shh clients store their known hosts' keys in different places.
    e.g.,
    o if you run unix, it's ~/.ssh/known_hosts
    o it's probably the same for linux and other unix wannabes
    o for windows fsecure ssh, it's knwnhsts.txt in fsecure's directory
    o putty puts them in the registry (thanks jim long)
      HKEY_CURRENT_USER/Software/SimonTatham/PuTTY/SshHostKeys
    o TeraTerm Pro SSH under Windows, aka ttssh, keeps host keys in the 
      file ssh_known_hosts in the same directory as the program executable
      (thanks hervey allen and tim spofford)
    o if you learn of others, please tell me

randy

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)
Comment: Processed by Mailcrypt 3.5.8 

iQCVAwUBRSK+CPvCP42xMxQ5AQr0oQP5AVAJx4eexVC9wo6KBIwVN30xFy8QJICK
6JBzQNAMZiEmm4KzO5NQsCxXDyfLroei3OHferye/3w7IlAt2klpG0XXzUPYa2cp
TYPvBXBzsJx+Klt67wgGIjXHb6SPzxY+9F0TQL9IHOjHZ9GMJAcPxbJBFBjhB0B4
kNJIYt67CS4=
=0pZU
-----END PGP SIGNATURE-----