Your browser does not allow this site to store cookies and other data. Some functionality on this site may not work without them. See Privacy Policy for details on how we would use cookies.

Tectia

Resolving Hashed Host Keys

Tectia client tools for z/OS includes a tool to resolve which hashed host key belongs to which server. As there can be several server host keys stored on the client-side host, and the file name does not show the server name in, it is sometimes necessary to check if a certain server public key is stored on the client host.

On the command line, the command syntax is:

ssh-keygen-g3 -F <servername>@<port>

For example:

ssh-keygen-g3 -F server1@222

The tool shows the location and the fingerprint of the requested server's public key or keys (the fingerprint in the SSH babble format). For example:

Fingerprints for key 'server1#222':
  (from location
   /etc/ssh/ssh_known_hosts:1 ("server1 ssh-dss AAAAB3...")
   (publickey-knownhosts))
xical-dohoz-fafur-ciper-vucam-munod-rykic-nabiv-nigag-fatif-pixex
  (from location
   /home/user44/.ssh/known_hosts:2 ("|1|84+eB1qwbSSvSe0GY...")
   (publickey-knownhosts))
xuvob-vodyt-dilib-koryc-cadek-ryfuv-mufut-bupyb-resuz-fadyz-taxox

The port definition is optional in the command. If no port is given, the default Secure Shell port 22 is assumed. For example:

ssh-keygen-g3 -F server2
Fingerprint for key 'server2':
  (from location
   /home/user44/.ssh2/hostkeys/keys_bf53882dc47bb767edf161a4f636917f8358d635
   (publickey-file))
xuvin-zitil-ducid-gevil-vysok-buviz-nynun-pinat-tylev-gusez-dyxix

If no keys are found for the given server, the ssh-keygen-g3 -F command will report where it looked for the keys, and will conclude as follows:

/ No keys found from any key directories or known_hosts files.

===AUTO_SCHEMA_MARKUP===