What is randomart produced by ssh-keygen?

371

93

When you generate a key, you get "randomart" from newer versions of OpenSSH. I am unable to find an explanation of why, and what I'm supposed to use it for.

Generating public/private rsa key pair.
The key fingerprint is:
05:1e:1e:c1:ac:b9:d1:1c:6a:60:ce:0f:77:6c:78:47 you@i
The key's randomart image is:
+--[ RSA 2048]----+
|       o=.       |
|    o  o++E      |
|   + . Ooo.      |
|    + O B..      |
|     = *S.       |
|      o          |
|                 |
|                 |
|                 |
+-----------------+

Generating public/private dsa key pair.
The key fingerprint is:
b6:dd:b7:1f:bc:25:31:d3:12:f4:92:1c:0b:93:5f:4b you@i
The key's randomart image is:
+--[ DSA 1024]----+
|            o.o  |
|            .= E.|
|             .B.o|
|              .= |
|        S     = .|
|       . o .  .= |
|        . . . oo.|
|             . o+|
|              .o.|
+-----------------+

dlamblin

Posted 2009-08-13T22:37:56.343

Reputation: 9 293

Another question I would like to ask is: is it safe to share your randomart image with others? In other words, given a randomart image such as the above, is it possible to reverse-engineer this back to the key? – AndyJ0076 – 2019-03-24T03:36:21.183

You can find an in-depth analysis of the VisualHostKey randomart in the short paper The Drunken Bishop.

– loomi – 2012-09-04T11:35:21.033

Answers

267

The randomart is meant to be an easier way for humans to validate keys.

Validation is normally done by a comparison of meaningless strings (i.e. the hexadecimal representation of the key fingerprint), which humans are pretty slow and inaccurate at comparing. Randomart replaces this with structured images that are faster and easier to compare.

The paper "Hash Visualization: a New Technique to improve Real-World Security" (Perrig A. and Song D., 1999, International Workshop on Cryptographic Techniques and E-Commerce, CrypTEC '99) explains some techniques and advantages.

mark

Posted 2009-08-13T22:37:56.343

Reputation: 3 849

I imagine these are most useful when public keys are being exchanged in-person for an integrity check after the copy is complete. – jordanpg – 2014-10-02T23:53:56.603

@DerMike, if you haven't seen it already, another answer answers your question. – chreekat – 2015-11-24T19:51:48.937

9 years later (I'm old) I have too many different hosts I connect to. Recognizing a change is unlikely. – dlamblin – 2018-01-22T07:12:55.327

Uhm, when could I see the host's art? (I think I never did.) I only saw such an image after generating my key pair. And to what would I have to compare it to recognize a 'sudden' change? – DerMike – 2011-02-09T10:15:09.957

I'd wager the randomart adheres to a similar principle as hashes for integrity checks, namely: a small difference in the input generates a wildly different output. That would mean you would just have to memorize the rough shape of the expected randomart to be able to notice something is amiss. Of course this doesn't work in practice when SSH et al don't show you the randomart of the host you're connecting to (they should do so even when the host is known). – Alan Plum – 2011-02-25T16:22:01.450

If you could just explain why humans validate keys, that could help, because frankly I tend to just put my public key in my authorized_keys file and be done with it. – dlamblin – 2009-09-06T05:10:57.643

@dlamblin: You generally would not verify your own keys with this. It would, however, be useful for verifying the host key of a remote machine. One idea is that if you login to a particular machine from various locations (or you do not save its key into your known_hosts file), you will be able to recognize the “art” of the host's key. If that art suddenly changed you should be wary of typing in your password because it might mean that a man-in-the-middle attack is in progress on your connection (or it might mean that the host has just changed its keys for some other reason). – Chris Johnsen – 2009-10-27T05:43:06.267
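How the fingerprint bytes become the picture, as an added example: this is a Python port of the "drunken bishop" walk that OpenSSH's fingerprint_randomart() routine performs, written for this page and not code from the question, the answers, or OpenSSH itself. Each digest byte supplies four diagonal steps on a 17x9 board (least-significant bit pair first, bit 0 = right, bit 1 = down), the glyph in a cell rises with every visit, the bishop slides along the walls instead of leaving the board, and the start and end of the walk are marked S and E. Fed the two MD5 fingerprints from the question it reproduces both images shown there, including the OpenSSH 5.x frame "+--[ RSA 2048]----+". The md5_fingerprint helper, which hashes the base64 key blob the way `ssh-keygen -l -E md5` does, is the one part not exercised by the question's data; its "ssh-rsa QUJD" input in the comments is a constructed stand-in, not a real key.

```python
"""Drunken-bishop randomart as OpenSSH draws it (Python port, added example)."""
import base64
import hashlib

# One glyph per visit count; the last two mark where the walk starts and ends.
GLYPHS = " .o+=*BOX@%&#/^SE"
WIDTH, HEIGHT = 17, 9                  # FLDSIZE_X, FLDSIZE_Y in OpenSSH
MAX_VISITS = len(GLYPHS) - 3           # counts saturate at '^' (index 14)
START, END = len(GLYPHS) - 2, len(GLYPHS) - 1   # 'S' and 'E'


def drunken_bishop(digest):
    """Walk a 17x9 board from the centre.

    Each digest byte gives four diagonal steps, least-significant bit pair
    first: bit 0 chooses the column direction (1 = right), bit 1 the row
    direction (1 = down).  Returns the visit-count grid as grid[y][x].
    """
    grid = [[0] * WIDTH for _ in range(HEIGHT)]
    x, y = WIDTH // 2, HEIGHT // 2
    for byte in digest:
        for _ in range(4):
            x += 1 if byte & 1 else -1
            y += 1 if byte & 2 else -1
            x = min(max(x, 0), WIDTH - 1)    # the bishop slides along the
            y = min(max(y, 0), HEIGHT - 1)   # walls rather than leaving
            if grid[y][x] < MAX_VISITS:
                grid[y][x] += 1
            byte >>= 2
    grid[HEIGHT // 2][WIDTH // 2] = START    # overwrites whatever landed there
    grid[y][x] = END                         # last square the walk reached
    return grid


def render(grid, title):
    """Frame the grid the way OpenSSH 5.x did, e.g. "+--[ RSA 2048]----+"."""
    top = "+" + ("--" + title).ljust(WIDTH, "-") + "+"
    body = ["|" + "".join(GLYPHS[c] for c in row) + "|" for row in grid]
    bottom = "+" + "-" * WIDTH + "+"
    return "\n".join([top] + body + [bottom])


def randomart(fingerprint, key_type, bits):
    """fingerprint: the colon-separated hex digest ssh-keygen prints.

    16 bytes (MD5, as in the question) or 32 bytes (SHA256, the default
    since OpenSSH 6.8) both work; a longer digest simply walks more steps.
    """
    digest = bytes.fromhex(fingerprint.replace(":", ""))
    return render(drunken_bishop(digest), "[%4s %4d]" % (key_type, bits))


def md5_fingerprint(pubkey_line):
    """What `ssh-keygen -l -E md5` hashes: the base64-decoded key blob,
    i.e. the second whitespace-separated field of an OpenSSH public-key line.
    The trailing comment field, if any, is ignored."""
    blob = base64.b64decode(pubkey_line.split()[1])
    return ":".join("%02x" % b for b in hashlib.md5(blob).digest())


if __name__ == "__main__":
    # Fingerprints copied from the question; the output matches its two images.
    print(randomart("05:1e:1e:c1:ac:b9:d1:1c:6a:60:ce:0f:77:6c:78:47", "RSA", 2048))
    print(randomart("b6:dd:b7:1f:bc:25:31:d3:12:f4:92:1c:0b:93:5f:4b", "DSA", 1024))
    # Constructed stand-in, not a real key: the blob decodes to b"ABC".
    print(md5_fingerprint("ssh-rsa QUJD you@i"))
```

To get the same picture from OpenSSH itself, `ssh-keygen -lv -E md5 -f ~/.ssh/id_rsa.pub` prints the MD5 fingerprint with its art (`-v` combined with `-l` is what switches the art on). Since 6.8 the default is `-E sha256`, which walks 32 bytes instead of 16 and labels the bottom border with the hash name, so the image for the same key looks different. `ssh-keygen -lv -f ~/.ssh/known_hosts` prints the art of every host key already stored, which is the reference DerMike asked what to compare against.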

211

Add

-o VisualHostKey=yes 

to your command line, or put

VisualHostKey=yes 

in your ~/.ssh/config.

You'll see the randomart of the box you are logging onto. If you log on one day and the random art is different (your brain should go Hey! I don't recognise that!), then maybe someone is hacking, or something.

The idea is that you don't consciously need to do it. One of the keys for one of our machines kinda looks like a butterfly. Another one kinda looks like a dick (yes, our brains are primitive). If you log on every day, you get accustomed to the images without even trying.

Paul Murray

Posted 2009-08-13T22:37:56.343

Reputation: 2 111

Letting your computer do the recognition is vulnerable to your own computer's known hosts being hacked. Much like you shouldn't let your computer enter passwords for you, you would be better off validating the host's key yourself. – Marko Topolnik – 2015-05-25T17:54:31.483

@MarkoTopolnik: if you can't trust your own local machine that you're connecting from, you shouldn't be using that machine to do anything, much less using SSH. For all you know, the ssh executable itself might've been replaced with a sinister version. – Lie Ryan – 2019-12-11T03:58:54.250

Not great. If you've logged in before, much better for the computer to do the recognition for you using a stored fingerprint. The feature's only meant to be used for logging into new machines. – Nicholas Wilson – 2012-05-21T13:55:30.283

Way late to this answer, but it's worth pointing out that this would be immensely useful if you were logging in from a different machine that didn't have all of your known_hosts. In that case, the computer wouldn't be able to verify that it's known, but the user should be able to see "That looks way different than normal!" and abort. – Xkeeper – 2012-10-03T19:56:07.460

38

Official announcement: OpenSSH 5.1 released

Introduce experimental SSH Fingerprint ASCII Visualisation to ssh(1) and ssh-keygen(1). Visual fingerprint display is controlled by a new ssh_config(5) option "VisualHostKey". The intent is to render SSH host keys in a visual form that is amenable to easy recall and rejection of changed host keys. This technique is inspired by the graphical hash visualisation schemes known as "random art[*]", and by Dan Kaminsky's musings at 23C3 in Berlin.

Fingerprint visualisation is currently disabled by default, as the algorithm used to generate the random art is still subject to change.

Nick

Posted 2009-08-13T22:37:56.343

Reputation: 1 034

10

That last sentence is, indeed, worth knowing. OpenBSD Journal @ Undeadly.org info about OpenSSH 6.8 release states, "Please note that visual host keys will also be different." Newer software shows different images than the images shown by the older software.

– TOOGAM – 2015-12-28T07:29:16.360

14

The Randomart displayed after the ssh-keygen generation is a graphic representation of the key you have just generated. So:

  • the Randomart is not really useful for the user who generated the ssh-key

  • the Randomart can be very useful for a user who often connects via SSH to the same server: if he adds the "-o VisualHostKey=yes" option to his SSH command:

    ssh user@domainname.com -o VisualHostKey=yes

the Randomart corresponding to the public key of the server will be displayed.

To see an example, you can try:

ssh git@github.com -o VisualHostKey=yes

In the case where the user often connects to the same server, he can quickly and easily check whether he recognizes the Randomart corresponding to the public key of this server or not. This is easier and faster than checking the string of characters of the public key itself!

tmangin

Posted 2009-08-13T22:37:56.343

Reputation: 241