While running the ssh command: ssh -i .ssh/aws-key.pem ubuntu@XX.XX.XX.XX
I get the following message:
The authenticity of host ‘XX.XXX.XXX.XXX (XX.XXX.XXX.XXX)’ can’t be established.
ECDSA key fingerprint is SHA256:kZ61F5yD5w8s2DPJHBNEX0neexs+zjfsHSYPPES0NSc.
Are you sure you want to continue connecting (yes/no)?
Any insight on the message?
Notes:
After saying ‘yes’ I could login into the machine successfully.
XX.XXX.XXX.XXX is my public IP.
You have to authenticate the ssh keys when logging in for the first time. The prompt appears during the first time, nothing abnormal with that.
The reason is to prevent “man-in-the-middle” attacks. A server has a signature on it that is traceable and digitally signed. So when you connect to it the first time, your ssh client captures that signature. Every time you connect to it, it compares the current signature to the signature from the first time you connect to it. You can see these keys in Linux. If you run cat ~/.ssh/known_hosts it will print out the file that contains all the “fingerprints”.