Skip to content
Xelerance Official SSHFP repository
Python Makefile
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
debian update dependancies and packaging versions Apr 12, 2011
fedora
.gitignore
BUGS
CHANGES
COPYING
Makefile
README.md
TODO
dane
dane.1
dane.1.xml
daneldnsx.py
libdane.py-unused
sshfp
sshfp.1
sshfp.1.xml
tlsdns.usage.old

README.md

Origin

Software    : sshfp
URL     : http://www.xelerance.com/software/sshfp/
Source      : ftp://ftp.xelerance.com/sshfp/
License     : GPLv2+
Mailinglist : http://lists.xelerance.com/mailman/listinfo/sshfp/
Authors     : Paul Wouters, Chrisopher Olah
Summary     : Generate RFC-4255 SSHFP DNS records from known_hosts files or ssh-keyscan

sshfp generates DNS SSHFP records from SSH public keys. sshfp can take public keys from a known_hosts file or from scanning the host's sshd daemon. The ssh client can use these SSHFP records if you set "VerifyHostKeyDNS yes" in the file /etc/ssh/ssh_config or ~/.ssh/config. See RFC-4255

When using the AXFR method, sshfp supports:

  • IPv4 A record and IPv6 AAAA host lookups
  • Support for multiple ports to be listed on the CLI
  • Regex filtering of included hosts
  • Only output unique results

Requirements

sshfp requires python-dns: http://www.pythondns.org

pip install dnspython

 Quickstart

On OSX

git clone git@github.com:jinnko/sshfp.git
cd sshfp
virtualenv -p python2.7 ./
bin/pip install dnspython
bin/python sshfp --port 22 --port 2022 --scan --all --regex '^(aws|do|gce)' example.com
Something went wrong with that request. Please try again.