Secure Shell Fingerprintsdraft-ietf-secsh-dns-00.txt

• Secure Shell (SSH) client can authenticate the identity of a remote server using a public key

  • Once the key has been verified, it could be cached for further connections
  • The problem is how to securely verify the key the first time

• Only the key fingerprint is needed since the key is transferred in-band upon connection

• The SSHFP RR carries the key algorithm, fingerprint algorithm and the fingerprint itself

Previous slide

Next slide

Back to first slide

View graphic version