GE 1019070 User Manual

The fingerprint may be checked against the information provided by the SNMP/Web adapter to confirm
to SSH server identity. On the console interface inject the ssh-fingerprint command. Below is a sample
output of the ssh-fingerprint command:

GEDE> ssh-fingerprint
1024 6e:07:31:58:16:91:ae:2e:43:6f:03:64:94:57:55:6d ssh_host_rsa_key.pub
1024 06:97:69:97:cd:93:1b:b6:29:ca:34:e5:8c:35:7c:6e ssh_host_dsa_key.pub
1024 d1:9b:50:13:b3:e3:98:8e:8c:76:49:14:be:21:ed:b3 ssh_host_key.pub

The output can be interpreted as follows:

Key

SSH version

Cryptography algorithm

ssh_host_rsa_key.pub v2

RSA

ssh_host_dsa_key.pub v2

DSA

ssh_host_key.pub v1

RSA

It can be seen in the above example that the fingerprint shown by SSH matches the RSA key for SSH v2
on the ssh-fingerprint output.
The SNMP/Web adapter supports both version 1 and version 2 of the SSH protocol. It is recommended
to use SSH v2 (if possible), as SSH v1 is generally considered obsolete.
On the other hand, SFTP is a file transfer protocol providing secure transfer. It is used in conjunction with
the SSH protocol, as SFTP does not provide security by itself but expects the underlying protocol to
provide that. Therefore, the key fingerprint can be verified exactly in the same way as with SSH. Below is
a sample from a popular SFTP client (sftp):

It can be seen that the key fingerprint is exactly the same.

Modifications reserved

Page 46/58

OPM_CNT_SNM_BAS_CRD_1GB_V012.doc

Operating Manual SNMP/Web Adapter