debian.org Developer Machines

SSH Host Keys

The SSH host keys for the machines in the debian.org domains are stored in the Debian LDAP database. The key and its fingerprint will be displayed when details for a machine are displayed.

On machines in the debian.org which are updated from the LDAP database /etc/ssh/ssh_known_hosts contains the keys for all hosts in this domain. This helps for easier log in into such a machine. This is also be available in the chroot environments.

Developers should add StrictHostKeyChecking yes to their ~/.ssh/config file so that they only connect to trusted hosts. With the file mentioned above, nearly all hosts in the debian.org domain will be trusted automatically.

Developers can also execute ud-host -f or ud-host -f -h host on a machine in the debian.org domain in order to display all host fingerprints or only the fingerprints of a particular host in order to compare it with the output of ssh on an external host.

Exception for Alioth

An exception has been made for the Alioth system since not only Debian developers have an account on this machine. As a result, this machine (or machines in case there are more of one serving as Alioth hosts) is generally not trusted. Hence no passwords (i.e. no shadow file(s)) will be exported to it and their SSH keys are not added to the LDAP system.

Debian Host Naming Scheme


You can contact us at admin@db.debian.org.

Last Modified: Thu, Jan 16 23:23:10 UTC 2014
Copyright © 1997-2014 SPI; See license terms
Debian is a registered trademark of Software in the Public Interest, Inc.