pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

ECDSA key fingerprint for anoncvs.netbsd.org?



Hello!

When I tried to update a pkgsrc source tree via CVS from
anoncvs.netbsd.org, I was presented with an ECDSA key fingerprint and
prompted to choose whether to continue.  Are the SSH key fingerprints
for anoncvs.netbsd.org published anywhere?  If not, could they be?

I think it would also be good to update pkgsrc documentation for this,
including the pkgsrc quickstart documentation and the pkgsrc guide, and
include a link to where the anoncvs.netbsd.org ECDSA key fingerprints
are published.

Since this is for anoncvs.netbsd.org, which also hosts NetBSD's source
code, I would think this issue applies more broadly.  But I haven't seen
others asking about it, so I'm a little puzzled by that.

Here's exactly what I did on RHEL 7:

----
$ cvs update -dP
The authenticity of host 'anoncvs.netbsd.org (199.233.217.198)' can't be established.
ECDSA key fingerprint is SHA256:rfdxSvvf/JzDE4dO+hsx6E/Vj0L3HREk8Z795bItxr0.
ECDSA key fingerprint is MD5:c5:cd:f6:d8:a5:c0:01:91:68:c0:64:ea:23:a3:11:f7.
Are you sure you want to continue connecting (yes/no)? no
Host key verification failed.
cvs [update aborted]: end of file from server (consult above messages if any)
----

Thanks!

Lewis


Home | Main Index | Thread Index | Old Index