SSHFP Resource Record
The SSHFP Resource Record (SSHFP for English Secure Shell (Key) Fingerprint ) is a DNS - Resource Record for SSH -Keys.
construction
<Name> [<TTL>] [<Klasse>] SSHFP <Algorithmus> <Typ> <Fingerabdruck>
- <name>
- The domain name of the object to which the resource record belongs (optional)
- <TTL>
- Time to live (in seconds). Validity of the resource record (optional)
- <class>
- Protocol group to which the resource record belongs (optional)
- <Algorithm>
- Public key algorithm (0 = reserved, 1 = RSA , 2 = DSA , 3 = ECDSA , 4 = Ed25519 )
- <type>
- Type of fingerprint (0 = reserved, 1 = SHA-1 , 2 = SHA-256 )
- <Fingerprint>
- Hexadecimal representation of the key fingerprint
example
host.example.com. SSHFP 2 1 123456789abcdef67890123456789abcdef67890
In this example, a client can determine that the host with the DNS name host.example.com is using a DSA key with the SHA-1 fingerprint "123456789abcdef67890123456789abcdef67890".