Acknowledging Device SSH Fingerprints in Security Director

You use the Acknowledge Device Fingerprint action to acknowledge the SSH fingerprints received from the device or to resolve any SSH fingerprint conflicts between the fingerprints stored in the Junos Space database and that on the device. This action is enabled only if the Authentication Status column on the Security Devices page displays one of the following statuses: Credentials Based – Unverified; Key Based – Unverified; Key Conflict – Unverified; or Fingerprint Conflict.

Procedure

To acknowledge SSH fingerprints in one or more devices:

  1. Select Devices > Security Devices.

    The Security Devices page appears.

  2. Select one or more devices. From the More or right-click menu, select Acknowledge Device Fingerprint.

    The Acknowledge Device Fingerprint page appears, displaying the list of devices you selected. Table 136 displays the fields on this page.

  3. For each device listed, select the device, click the Edit button, and enter the new fingerprint of the device in the New Fingerprint field.

    The fingerprint must be a string of 16 octets in hexadecimal format with numbers and lowercase letters separated by colons.

  4. Click OK.

    The Confirm Acknowledge page appears asking you to confirm the fingerprint modification.

  5. Click Yes.

    The Job Details: Acknowledge Device Fingerprint page appears, displaying details of the job. If a fingerprint entered for a device is in the valid format, then that fingerprint is updated in the Junos Space database.

  6. Click OK to close the Job Details page.

    You are returned to the Security Devices page.

Table 136: Acknowledge Device Fingerprint Settings

 

Field

Description

Hostname

Displays the hostname of the device.

IP Address

Displays the IPv4 or IPv6 address of the device.

Authentication Status

Displays the authentication status of the device.

Fingerprint

If the Authentication Status column displays Fingerprint Conflict, this field displays the current fingerprint value of the device as stored in the Junos Space database. This field does not display any value if the Authentication Status column displays Key Conflict – Unverified; Key Based – Unverified; or Credentials Based – Unverified.

New Fingerprint

Displays the new fingerprint value received from the device if the Authentication Status field displays Fingerprint Conflict. Displays the current fingerprint value of the device as stored in the Junos Space database if the Authentication Status field displays Key Conflict – Unverified; Key Based – Unverified; or Credentials Based - Unverified