What Does SSH Continue Connecting Warning Mean

When connecting to an Ubuntu Linux SSH server for the first time, users are often greeted with a security warning asking if they want to “continue connecting.” This article explains what this warning means, why it occurs, how SSH key verification works, and how to safely proceed without compromising your network security.

The Security Warning Explained

When you initiate your first SSH connection to an Ubuntu server, you will see a message that looks similar to this:

The authenticity of host '192.168.1.50 (192.168.1.50)' can't be established.
ED25519 key fingerprint is SHA256:7yT...
Are you sure you want to continue connecting (yes/no/[fingerprint])?

This warning is a built-in security feature of the SSH (Secure Shell) protocol known as Host Key Verification. It means that your local computer has no prior record of this specific server and cannot automatically verify that the server you are reaching is indeed the correct destination.

Why This Warning Occurs

SSH uses public-key cryptography to authenticate the server and to set up the encrypted connection between your computer (the client) and the Ubuntu server.

  1. First-Time Connection: Every SSH server has a unique cryptographic “host key.” Because you have never connected to this Ubuntu server before, your local computer does not have its host key saved in its database.
  2. Preventing Man-in-the-Middle (MITM) Attacks: The warning exists to protect you from attackers. If a malicious actor intercepted your network traffic and redirected your connection to a fake server, the fake server would present a different host key. Without this warning, your client would connect automatically, and the attacker could steal your login credentials.

What Happens When You Type “Yes”

If you type yes and press Enter, your computer performs two actions:

  1. Establishes the Connection: It accepts the server’s identity and proceeds to the password or SSH key prompt.
  2. Saves the Host Key: It saves the server’s public host key to a local file on your computer located at ~/.ssh/known_hosts.

During all future connections to this server, your computer will quietly compare the saved host key in known_hosts with the key presented by the server. If they match, you will connect instantly without any warnings.

How to Handle the Warning Safely

While most users simply type yes, the secure and correct way to handle this warning involves verification:

  1. Verify the Fingerprint: Ideally, you should obtain the server’s actual fingerprint beforehand (for example, from your cloud provider’s console or by running ssh-keygen -lf /etc/ssh/ssh_host_ed25519_key.pub directly on the server’s local terminal).
  2. Compare: Compare the fingerprint displayed in the warning with the one you obtained. If they match, it is safe to type yes.
  3. If the Warning Appears Later: If you have connected to the server successfully in the past, but suddenly receive a warning stating that the “Host key verification failed” or that the host key has changed, do not connect. This indicates either that the server has been reinstalled, or that someone is attempting to intercept your connection.
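
The three outcomes described above (first connection, matching key, changed key), modelled in Python as an added example that is not part of the original article. It derives the SHA256 fingerprint from a public key line in the form ssh prints it; the helper names and sample keys are constructed for illustration, and the `known` dictionary is a simplified stand-in for ~/.ssh/known_hosts.

```python
import base64
import hashlib
import struct

def ssh_string(data: bytes) -> bytes:
    """Length-prefixed string as used inside SSH public key blobs."""
    return struct.pack(">I", len(data)) + data

def make_pub_line(raw_key: bytes, comment: str) -> str:
    """Build a constructed ssh-ed25519 .pub line from 32 raw key bytes."""
    blob = ssh_string(b"ssh-ed25519") + ssh_string(raw_key)
    return f"ssh-ed25519 {base64.b64encode(blob).decode()} {comment}"

def fingerprint(pub_line: str) -> str:
    """SHA256 fingerprint of a 'type base64 [comment]' line, as ssh prints it."""
    key_type, b64_blob = pub_line.split()[:2]
    blob = base64.b64decode(b64_blob, validate=True)
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode():
        raise ValueError("declared key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    # ssh prints unpadded base64 of the SHA-256 digest of the key blob
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def check_host(known: dict, host: str, presented_line: str) -> str:
    """Model the client's decision for the key a host presents."""
    if host not in known:
        return "unknown"   # first connection: the 'continue connecting' prompt
    if fingerprint(known[host]) == fingerprint(presented_line):
        return "match"     # saved key matches: no warning
    return "changed"       # saved key differs: do not connect

# Constructed sample keys (not real host keys).
SERVER_LINE = make_pub_line(bytes(range(32)), "root@server")
IMPOSTOR_LINE = make_pub_line(bytes(range(1, 33)), "root@server")

if __name__ == "__main__":
    known = {}
    print(check_host(known, "192.168.1.50", SERVER_LINE))    # unknown
    known["192.168.1.50"] = SERVER_LINE  # accepted after comparing fingerprints
    print(check_host(known, "192.168.1.50", SERVER_LINE))    # match
    print(check_host(known, "192.168.1.50", IMPOSTOR_LINE))  # changed
```

The fingerprint depends only on the key blob, so the comment field at the end of a .pub line does not affect the comparison.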