Presbyterian College > Academic Web Server > Support Info > Authentication


Authenticating the Server

The first time you connect to the server web.presby.edu, using a secure connection method such as ssh, scp or SFTP, you are likely to get a warning about the authenticity of the server. For example, with ssh or scp at the Unix / Linux or Mac OS command line, you will see something like this:

The authenticity of host 'web.presby.edu (10.16.21.222)' can't be established.
RSA key fingerprint is 8a:24:e3:c2:14:86:12:4e:19:11:c0:1c:4f:d5:a3:67.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'web.presby.edu,10.16.21.222' (RSA) to the list of known hosts.

You should normally answer "yes" to the question. Here's what's going on:

The SSH protocol, used by scp, ssh, and other secure file transfer and remote-login software, normally verifies that you are actually connecting to the server that you want to connect to, by checking that the server holds the private key that matches the public key for that server stored on your own computer. However, if you've never connected to that server before (using the SSH protocol), you probably don't have its public key. In that case, the server sends a copy of its public key, and your software offers to save it so that your computer can use it for future connections.

Suppose some unscrupulous person hijacks your Internet connection and redirects your outgoing connection intended for web.presby.edu to his own server. If you already have our public key, the connection will fail, unless the bad guy somehow has a copy of our private key. However, if this is your first attempt to connect to web.presby.edu via SSH, the bad guy can offer his own public key. If you accept it, he sees everything that you think you're sending to us.

Realistically, this scenario is probably rather unlikely, especially if you're on campus or using a reasonably secure network connection at home. If you're using something like a public wireless access point, you might want to be careful and not try to connect to the server for the first time from there. After you have the server's public key, you should be OK.

If you're paranoid, compare the fingerprint that the message shows you with the one shown in the example above. If they match, you're probably OK. If they don't match, either someone really has hijacked your connection, or (more likely) we moved web.presby.edu to a new machine and I haven't gotten around to updating these pages yet.
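
How the fingerprint in that message is derived from the server's public key, and how to compare it with a published value, shown as an added example that is not part of the original page. The sample key is constructed for the demonstration and is not the real web.presby.edu key; the function names are this example's own.

```python
import base64
import hashlib
import struct

def ssh_string(data: bytes) -> bytes:
    """SSH wire-format string: 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def parse_known_hosts_line(line: str):
    """Return (hosts, key_type, blob) from a 'hosts keytype base64' line."""
    fields = line.split()
    if fields and fields[0].startswith("@"):  # @cert-authority / @revoked marker
        fields = fields[1:]
    if len(fields) < 3:
        raise ValueError("expected: hosts keytype base64-key")
    hosts, key_type = fields[0], fields[1]
    blob = base64.b64decode(fields[2], validate=True)
    # The blob begins with its own copy of the key type; the two must agree.
    n = int.from_bytes(blob[:4], "big")
    if len(blob) < 4 or blob[4:4 + n] != key_type.encode():
        raise ValueError("key type does not match key blob")
    return hosts, key_type, blob

def md5_fingerprint(blob: bytes) -> str:
    """MD5 of the key blob as colon-separated hex, the format in the prompt."""
    digest = hashlib.md5(blob).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))

def sha256_fingerprint(blob: bytes) -> str:
    """The 'SHA256:...' form that newer OpenSSH clients print instead."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def matches_published(line: str, published: str) -> bool:
    """True if the key on this line has the published MD5 fingerprint."""
    _, _, blob = parse_known_hosts_line(line)
    return md5_fingerprint(blob) == published.strip().lower()

# Constructed sample (NOT the real web.presby.edu key): an "ssh-rsa" blob with
# exponent 65537 and a made-up modulus, laid out like a known_hosts line.
SAMPLE_BLOB = (ssh_string(b"ssh-rsa") + ssh_string(b"\x01\x00\x01")
               + ssh_string(b"\x00" + bytes(range(255, 0, -1)) + b"\x01"))
SAMPLE_LINE = "web.presby.edu,10.16.21.222 ssh-rsa " + base64.b64encode(SAMPLE_BLOB).decode()
PAGE_FINGERPRINT = "8a:24:e3:c2:14:86:12:4e:19:11:c0:1c:4f:d5:a3:67"  # from the page

if __name__ == "__main__":
    hosts, key_type, blob = parse_known_hosts_line(SAMPLE_LINE)
    print(hosts, key_type, md5_fingerprint(blob), sha256_fingerprint(blob))
    print("matches page fingerprint:", matches_published(SAMPLE_LINE, PAGE_FINGERPRINT))
```

Feed it a line from your own ~/.ssh/known_hosts file to see the fingerprint of the key your computer has stored.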

If you're really really paranoid, I can give you a copy of the web.presby.edu public key in person on a flash drive, and you can install it on your computer yourself!


This page was last updated by Jon Bell on 7 May 2012.

