spoof rsa fingerprint

[Markus Schönhaber]

Eugeneapolinary Ju:

> Could that be possible, to spoof the rsa_fingerprint? [because the
> router say's the fingerprint when first logging in to it, etc..so
> could that be spoofed?]

1. It's not your router that displays a fingerprint, it's your ssh
client which receives the router's key, calculates the fingerprint from
it and shows it to you.
2. If the key could easily be "spoofed", all that encryption stuff would
be pretty useless.

Bottom line: it's next to impossible to generate a key with a given
fingerprint...
...provided you're not using a ssh/ssl version where some clever packet
maintainer has fiddled around with code he doesn't understand just to
silence a debugger. But that will - hopefully - never happen again.

-- 
Regards
  mks