Home » Questions » Computers [ Ask a new question ]

What is randomart produced by ssh-keygen?

What is randomart produced by ssh-keygen?

When you generate a key, you get "randomart" from newer versions of OpenSSH. I am unable to find an explanation of why, and what I'm supposed to use it for.

Asked by: Guest | Views: 52
Total answers/comments: 2
Guest [Entry]

"The randomart is meant to be an easier way for humans to validate keys.

Validation is normally done by a comparison of meaningless strings (i.e. the hexadecimal representation of the key fingerprint), which humans are pretty slow and inaccurate at comparing. Randomart replaces this with structured images that are faster and easier to compare.

This paper ""Hash Visualization: a New Technique to improve Real-World Security"", Perrig A. and Song D., 1999, International Workshop on Cryptographic Techniques and E-Commerce (CrypTEC '99)"" explains some techniques and advantages."
Guest [Entry]

"Official announcement: OpenSSH 5.1 released

Introduce experimental SSH Fingerprint
ASCII Visualisation to ssh(1) and
ssh-keygen(1). Visual fingerprinnt
display is controlled by a new
ssh_config(5) option ""VisualHostKey"".
The intent is to render SSH host keys
in a visual form that is amenable to
easy recall and rejection of changed
host keys. This technique inspired by
the graphical hash visualisation
schemes known as ""random art
  • "", and
    by Dan Kaminsky's musings at 23C3 in
    Berlin.

    Fingerprint visualisation in is
    currently disabled by default, as the
    algorithm used to generate the random
    art is still subject to change."