Recent articles (showing 1-10 out of 69):

Here's how to add SSHFP records to DNS.  You need to have DNSSEC signed zones for this to work.

To generate the records, simply use the following command against your host public keys and copy them into your DNS zonefile:

/bin/sh -c 'for i in /etc/ssh/ssh_host_*_key.pub; do ssh-keygen -r HOSTNAME -f $i; done' Copy

If you're using openssh-portable under FreeBSD, change the /etc/ssh/ path above to be /usr/local/etc/ssh/

The HOSTNAME part of the above command line is cosmetic and used purely for the DNS output.

Ignore any 'unsupported algorithm' messages – these are due to certain key types not being supported in SSHFP for now.