I have recently got my first
VPS Hosting account and am confusing about logging into the SSH.
I am using PuTTY on Windows to connect to my Linux
VPS Hosting. The PuTTY documentation says
"Whether or not to trust the host key is your choice. If you are connecting within a company network, you might feel that all the network users are on the same side and spoofing attacks are unlikely, so you might choose to trust the key without checking it. If you are connecting across a hostile network (such as the Internet), you should check with your system administrator, perhaps by telephone or in person. (Some modern servers have more than one host key. If the system administrator sends you more than one fingerprint, you should make sure the one PuTTY shows you is on the list, but it doesn't matter which one it is.)
"
When I connect to my
VPS Hosting's IP address I get a message in PuTTY "The server's host key is not cached in the registry. There is no guarantee that the server is the computer that you think it is. The server's rsa-2 fingerprint key is ..... Do you trust this host?"
I want to know what my server's rsa2-fingerprint is before I click Yes to trust it. I asked LiveSupport but they guy said just to trust it. This seems to defeat the purpose of SSH . I haven't validated the identity of the computer I am talking to. How can I trust it? It might be conducting a Man In The Middle attack.
Can someone tell me if I can get the fingerprint in advance to compare it to?
A url which I cannot add as I have not made five posts (search on google for
PuTTY "if you trust this host" umanitoba ), for example, gives the fingerprint of their server to compare to for their PuTTY users, so I don't see why my
Dedicated Server should be any different.
Thanks
dave.