Differences
This shows you the differences between the selected revisions of the page.
| 2016-12-06 | 2016-12-06 | ||
| no host name link in the new portal (martin) | correcting link to Get-AzureRmVMBootDiagnosticsData (martin) | ||
| Line 21: | Line 21: | ||
| ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICv8CYlgCghyr1q+XdGJB560N9FuF4JY4ALHfkR/mktm root@ubuntu | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICv8CYlgCghyr1q+XdGJB560N9FuF4JY4ALHfkR/mktm root@ubuntu | ||
| ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqn2SnEPSysG2n/v3lzSTH/7GwpwhxIyRfp0wYRDu1cIizjyiD7m8GQI2R2OqBGnole/s5c1BkP9/QOTtLGZQVta5kCT8t6Ph7soe7ST8Ee7ok45648zEeKqf4tGfyFTlSJOtNWEh9qAlx79pL7rxC6QphWqYNFDPuTjPigwGsVhznTWry8OJZnJuSQCM07UDP+995yrJLqjZxY6StOMELILamcYO6XdoQvF/a1byVTQnbKO6Mdt8V+J+RY8ibNeYdAjfO1dQuUZIHwf8HiS5nD1+IzeiEH4V6Hr7uDCR+1V6rRj93x/NvPgM6T99urb5Br+GYZ4wVkAsZOTg3OFTT root@ubuntu | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqn2SnEPSysG2n/v3lzSTH/7GwpwhxIyRfp0wYRDu1cIizjyiD7m8GQI2R2OqBGnole/s5c1BkP9/QOTtLGZQVta5kCT8t6Ph7soe7ST8Ee7ok45648zEeKqf4tGfyFTlSJOtNWEh9qAlx79pL7rxC6QphWqYNFDPuTjPigwGsVhznTWry8OJZnJuSQCM07UDP+995yrJLqjZxY6StOMELILamcYO6XdoQvF/a1byVTQnbKO6Mdt8V+J+RY8ibNeYdAjfO1dQuUZIHwf8HiS5nD1+IzeiEH4V6Hr7uDCR+1V6rRj93x/NvPgM6T99urb5Br+GYZ4wVkAsZOTg3OFTT root@ubuntu | ||
| - | -----END SSH HOST KEY KEYS-----</code> \\ Alternatively use ''[[ps>resourcemanager/azurerm.compute/v2.3.0/get-azurermvmbootdiagnosticsdata|Get-AzureRmVMBootDiagnosticsData]]'' command. \\ Look for ECDSA key. The logged fingerprint of the key uses Base64-encoded SHA-256 hash of the key. While WinSCP uses hexadecimal-encoded MD5 hash of the key. To calculate the fingerprint in WinSCP format, execute this command in Windows PowerShell (after inserting the ''ssh-ed25519'' key): \\ <code powershell>Write-Host ([BitConverter]::ToString([Security.Cryptography.MD5]::Create().ComputeHash([Convert]::FromBase64String("AAAAC3NzaC1lZDI1NTE5AAAAICv8CYlgCghyr1q+XdGJB560N9FuF4JY4ALHfkR/mktm"))) -replace "-", ":").ToLower()</code> | + | -----END SSH HOST KEY KEYS-----</code> \\ Alternatively use ''[[https://docs.microsoft.com/en-us/powershell/resourcemanager/azurerm.compute/v2.3.0/get-azurermvmbootdiagnosticsdata|Get-AzureRmVMBootDiagnosticsData]]'' command. \\ Look for ECDSA key. The logged fingerprint of the key uses Base64-encoded SHA-256 hash of the key. While WinSCP uses hexadecimal-encoded MD5 hash of the key. To calculate the fingerprint in WinSCP format, execute this command in Windows PowerShell (after inserting the ''ssh-ed25519'' key): \\ <code powershell>Write-Host ([BitConverter]::ToString([Security.Cryptography.MD5]::Create().ComputeHash([Convert]::FromBase64String("AAAAC3NzaC1lZDI1NTE5AAAAICv8CYlgCghyr1q+XdGJB560N9FuF4JY4ALHfkR/mktm"))) -replace "-", ":").ToLower()</code> |
| * If you did not save the fingerprint on the first virtual machine, but you have another Azure virtual machine that you can connect to safely (you know its fingerprints), you can connect to the target instance using private IP from the trusted instance. Staying within a private Azure network keeps you safe from [[wp>Man-in-the-middle_attack|man-in-the-middle attacks]]. When on the trusted instance terminal, you can use the following commands to collect fingerprints: \\ <code> | * If you did not save the fingerprint on the first virtual machine, but you have another Azure virtual machine that you can connect to safely (you know its fingerprints), you can connect to the target instance using private IP from the trusted instance. Staying within a private Azure network keeps you safe from [[wp>Man-in-the-middle_attack|man-in-the-middle attacks]]. When on the trusted instance terminal, you can use the following commands to collect fingerprints: \\ <code> | ||
| $ ssh-keyscan <target_instance_private_ip> > azurekey | $ ssh-keyscan <target_instance_private_ip> > azurekey | ||