First time connections

Encryption algorithms makes it easy to protect communication as long as the sending and receiving party share a secret. Clever Mathematics solve the problem of exchanging such secrets over untrusted channels. More worrisome is the problem of verifying the identities of the communicating parties.

First time connections#

If the SSH client connects the very first time to a server, it cannot be sure about the identity of the remote server. It presents a cryptographic fingerprint of the server and asks whether to establish a connection. You should verify the fingerprint with an trusted list. After accepting this server, the client will recognize the server and don’t ask again for a verification.

john@laptop:~$ ssh johndoe@login.phys.ethz.ch
The authenticity of host 'login.phys.ethz.ch (129.132.89.195)' can't be established.
ECDSA key fingerprint is SHA256:upncE1in1QVEyXEeafC/WOPpK8QtZ/skpxU7GwTlpUk.
Are you sure you want to continue connecting (yes/no/[fingerprint])? 

SSH login with password#

With any further configuration SSH falls back to authentication via passwords. So the your client will ask your for the password of the account on the remote side (johndoe on login.phys.ethz.ch).

john@laptop:~$ ssh johndoe@login.phys.ethz.ch
johndoe@login.phys.ethz.ch's password: *********
johndoe@phd-login1:~$