HP-UX HB v13.00 Ch-10 - Network Services
HP-UX Handbook – Rev 13.00 Page 23 (of 26)
Chapter 10 Network Services
October 29, 2013
Although not commonly implemented, the ssh-agent program can be launched at the beginning
of a login session to provide a passphrase only once. This permits the use of passphrase but
eliminates some of the inconvenience of having a passphrase. The use of the ssh-agent is not
discussed in this document.
Common problems include:
Uncertainty whether the ssh server is the right host- How does the client know they are
logging into the authentic host? On initial login, a RSA (or DSA) key fingerprint is
presented. This should correspond to the host key for the desired machine.
# ssh avalon
The authenticity of host ‘avalon (10.90.90.90)’ can’t be established.
RSA key fingerprint is 71:94:55:39:c3:f2:01:2c:16:4c:78:15:b8:75:85:46.
Are you sure you want to continue connecting (yes/no)?
If the server’s host public key is available, this can be verified with ssh-keygen:
# ssh-keygen -l -f /etc/opt/ssh/ssh_host_rsa_key.pub
2048 71:94:55:39:c3:f2:01:2c:16:4c:78:15:b8:75:85:46 /etc/opt/ssh/ssh_host_rsa_key.pub (RSA)
Can’t log in- There are many potential causes of this. If the authentication is Public-Key
the first thing to verify the permissions of both the ssh server and client. If these
permissions are not restrictive enough, permission could be denied.