• caglararli@hotmail.com
  • 05386281520

Why are the gitlab SSH host key fingerprints not matching?

Çağlar Arlı      -    30 Views

Why are the gitlab SSH host key fingerprints not matching?

I tried to log into my university's gitlab via SSH. As expected, I was warned that the host is not known. Therefore, I tried to find the SSH host key on the "current configuration" page in the manual. However, I found that the key does not match the key that SSH shows me on the first connect.

To demonstrate this, here you can find the respective "instance_configuration" page for gitlab.com. The RSA-SHA256 fingerprint is said to be

2fdd0c7dfa7d9381f847266c800eafc96f5866fe859c4f1cf87da885c82e333a

Using the script I found on this superuser post (or when connecting via SSH for the first time) I am told that the RSA-SHA256 for the SSH host is

ROQFvPThGrW4RuWLoL9tq9I9zJ42fK4XywyRtbOz/EQ

which is

44e405bcf4e11ab5b846e58ba0bf6dabd23dcc9e367cae17cb0c91b5b3b3fc44

in hexadecimal (and hopefully matches what you see… or not).

My questions: Should'nt these be equal? Did I miss something? How can I verify that the SSH connection is secure?