dropbearkey question...

Ed Sutter ed.sutter at alcatel-lucent.com
Wed Apr 17 01:26:34 WST 2013


Hi,
I now have the dropbearkey code integrated into my embedded stuff.
I assume the idea is to call this function each time the server starts up.

Then each time the server starts, future client connections will reject the
server connection until $HOME/.ssh/known_hosts is purged of that server's
key information.

Correct so far?
Assuming yes...

Then, the user of the client has to accept the new credentials based on
the RSA key fingerprint from the server.  So, shouldn't the message that
comes out of the client reflect the same fingerprint as that which was
printed when the key was created on the server?

(mine doesn't)
Ed



More information about the Dropbear mailing list