Any interest in having SSHFP records come from a signed DNS zone with DNSSEC? So that way when VerifyHostKeyDNS is set to yes in someones ssh config they will not be prompted to verify the public key fingerprint. On Thu, 2015-02-12 at 08:37 +0100, Andrea Veri wrote:
That's correct: 2048 2b:e6:66:91:c6:84:2f:92:cb:0d:c3:fa:d9:9a:6a:10 /etc/ssh/ssh_host_rsa_key.pub (RSA) This also reminded me I should setup a SSHFP record for bastion.gnome.org. That has been done and waiting for Puppet to pick up the changes. 2015-02-12 3:26 GMT+01:00 Peter Baumgarten <me peter-baumgarten com>:Does anyone know what the ssh public key fingerprint should be for bastion.gnome.org? I got a RSA key fingerprint 2b:e6:66:91:c6:84:2f:92:cb:0d:c3:fa:d9:9a:6a:10 with an ip of 209.132.180.166 _______________________________________________ gnome-infrastructure mailing list gnome-infrastructure gnome org https://mail.gnome.org/mailman/listinfo/gnome-infrastructure
Attachment:
signature.asc
Description: This is a digitally signed message part