Hello, again, I realize I'm posting quit a bit on this list....proud to be an avid user of VNC-based software, and also feeling insecure about not using ssh. Well, I bit the bullet this week and decided to learn what was necesary (actually, not the first attempt).
I am mostly following http://www.uk.research.att.com/vnc/sshwin.html . Since I'm running cygwin on WinME, I'm using their built-in ssh. Its man page includes both protocol 1 and protocol 2. I'm accessing a Solaris8 box whose ssh man page seems to only have protocol 1 stuff, so I assume that is what is being used. In particular, the message I'm going to ask relates to RSA, which seems to fall under protocol 1. Here's is what happens when I follow the above web instructions. >From the cygwin bash prompt, I tried both ssh -L 5954:MachineName.doe.carleton.ca:5904 MachineName.doe.carleton.ca ssh -L 5954:MachineName.doe.carleton.ca:5904 [EMAIL PROTECTED] The response is The authenticity of host 'MachineName.doe.carleton.ca (<some IP number:>)' can't be established. RSA key fingerprint is <long series of 2-digit hex numbers separated by ":"> Are you sure you want to continue connecting (yes/no)? As per the web instructions, I checked the file /etc/ssh_host_key.pub which I ftp'd from MachineName.doe.carleton.ca. They do not appear the same. In fact, the file I ftp'd has only one line with 3 numbers followed by "root@MachineName". The 3rd number is almost 320 digits long and appears entirely decimal. Also, I am not "root". So I answer "no" to continuing. At this point, I departed from the instructions. According to the ssh man pages for RSA authentication, I run ssh-keygen from the WinME viewer side, which I do from the cygwin bash prompt. I am given a RSA key fingerprint similar to that in the response above but with different digits, which I record. I then ftp'd the created file "identity.pub" to MachineName as "~fma/.ssh/authorized_keys" and run both of the above ssh commands. However, the returned RSA key fingerprint is the same as before i.e. differs from the one shown to me by ssh-keygen . Of course, I respond with "no" to that. So it looks like I'm not doing something right, though the instructions (from both the above website as well as the ssh man page) seem very clear. Can anyone suggest a way to to go on this? Thanks. Fred -------------------------------------------------------------------------- Fred Ma Department of Electronics Carleton University, Mackenzie Building 1125 Colonel By Drive Ottawa, Ontario Canada K1S 5B6 [EMAIL PROTECTED] ========================================================================== --------------------------------------------------------------------- To unsubscribe, mail [EMAIL PROTECTED] with the line: 'unsubscribe vnc-list' in the message BODY See also: http://www.uk.research.att.com/vnc/intouch.html ---------------------------------------------------------------------
