SSH

From FyshyWyky
Jump to navigationJump to search

Introduction

The primary means of logging into a Fysh.Org shell account is to use a SSH client. This has the advantages of providing an encrypted connection, so no passwords, email etc can be casually snooped by 3rd parties between you and us, and also provides a variety of authentication methods.

We run the current version in Debian 'stable' of OpenSSH as the server software on river.fysh.org. Note that version 1 of the SSH protocol is disabled, so you'll need a client that supports version 2.

We also have SFTP enabled should you wish to securely copy files to or from river.fysh.org.

ssh.fysh.org

Some river.fysh.org account holders find themselves behind firewalls that won't allow them to connect directly to external hosts on port 22 which is the default port on which we run SSH. Unfortunately due to the current set-up (only one public IPv4 address) we can't offer to also run SSH on port 443 (https), which offers one way around firewalls.

However if you have full IPv6 access we do offer the SSH service on port 443, along with the default port 22 and additional port 2222.

Fysh.Org SSH Host Key(s)

For reference the fingerprint of keys for hosts you may connect to are:

Fysh.Org SSH Host Keys
Host Key Type MD5 Key Fingerprint SHA256 Key Fingerprint Comment
river.fysh.org ed25519 eb:cf:67:1c:c6:f5:6f:98:3a:65:49:18:e0:81:38:a6 uFhV9BxFo83RDGC/0P6aP7GO3yKHlMgQHnsrknVXck8 In service from Mon 12 Feb 09:44:29 GMT 2018
river.fysh.org RSA 6c:c8:c7:f3:de:c8:01:c2:d5:5d:82:70:fc:2b:54:85 N2Q8yXLZWWloRiq1bsuPkpex0laLoXN/EEtZ2Nr3XYk New due to 'Heartbleed' bug - In service from 2014-04-12 12:21:00 BST to
river.fysh.org ECDSA 73:cb:e4:46:49:6f:c6:34:7b:4f:e0:8c:07:4a:4c:ff 1q2sm3WjvxgJ5ugwhRhcyNjQygq+hdP1UC4AXR7mCj0 NO LONGER IN SERVICE - as we no longer offer a matching HostKeyAlgorithm. Was new due to 'Heartbleed' bug - In service from 2014-04-12 12:21:00 BST to 2018-02-13 ~11:20 UTC
river.fysh.org DSA 9c:f8:b9:07:a8:0e:db:90:21:7e:63:67:38:45:29:d9 c3/TQP4okhunjKyGtdBZ9ggqr9Yaf7lgID80cjr32Jg NO LONGER IN SERVICE. Was new due to 'Heartbleed' bug - In service from 2014-04-12 12:21:00 BST to Mon 12 Feb 09:40:51 GMT 2018 (when it was removed because this key format long since fell out of favour).
river.fysh.org RSA 77:fe:45:57:27:33:b5:98:ce:9b:dd:74:4b:83:4d:9e <not relevant when in use> Pre-'Heartbleed' bug - NO LONGER in service from 2014-04-12 12:21:00 BST
river.fysh.org DSA b4:6d:27:bc:35:10:48:e2:ea:2e:54:11:73:78:ec:77 <not relevant when in use> Pre-'Heartbleed' bug - NO LONGER in service from 2014-04-12 12:21:00 BST
river.fysh.org ECDSA c5:28:32:66:db:86:cd:1a:c3:f9:22:16:8c:12:01:14 <not relevant when in use> Pre-'Heartbleed' bug - NO LONGER in service from 2014-04-12 12:21:00 BST