beautypg.com

Understanding key fingerprints, Dsimportexport, Dsimportexport 593 – Apple Mac OS X Server (version 10.2.3 or later) User Manual

Page 593

background image

Tools for Advanced Administrators

593

Understanding Key Fingerprints

The first time you log in to a server using SSH, your local computer adds a “fingerprint” from
the remote server to a list of known remote host computers and displays a message:

The authenticity of host ‘192.168.12.12’ can’t be established.

RSA key fingerprint is a8:0d:27:63:74:00:f1:04:bd:6a:e4:0d:a3:47:a8:f7.

Are you sure you want to continue connecting (yes/no)?

Enter “yes” and press Return to finish authenticating.

If you see a warning message about a “man in the middle attack” when you try to connect
using SSH, the RSA key fingerprint on the remote server and the computer you are using to
administer it no longer match. This can happen if you use command-line tools to administer
a remote server, establish an RSA key fingerprint, and later change your SSH configuration,
perform a clean install of system software, or start up from the Mac OS X Server CD.

To connect to the remote server again using SSH, you need to edit the entries corresponding
to the hosts (which can be stored by both name and IP number) in this file: ~/.ssh/
known_hosts. You can use TextEdit or another editor to find the host name or IP address and
then delete the key. The key is a long string that may wrap to several lines. In TextEdit you
can press the Control key and type K to delete the line, and then delete the blank line that
the deletion creates.

dsimportexport

Use dsimportexport to import user and group accounts from a file or export them to a file. It
is a useful tool when you want to

m Create a large number of users or groups in a batch.

m Migrate user or group accounts from another server. You can import users and groups

from AppleShare IP 6.3 or Mac OS X Server version 10.1 and earlier.

m Update a large number of user or group accounts with new information.

See “Importing and Exporting User and Group Information” on page 181 for more
information about dsimportexport.

LL0395.Book Page 593 Wednesday, November 20, 2002 11:44 AM

See also other documents in the category Apple Software: