diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2015-05-22 05:28:45 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2015-05-22 20:02:19 +1000 |
| commit | f948737449257d2cb83ffcfe7275eb79b677fd4a (patch) | |
| tree | d54dc7a83f8f97322a8b1534fc835aafe4697941 | |
| parent | 0882332616e4f0272c31cc47bf2018f9cb258a4e (diff) | |
upstream commit
mention ssh-keygen -E for comparing legacy MD5
fingerprints; bz#2332
Upstream-ID: 079a3669549041dbf10dbc072d9563f0dc3b2859
| -rw-r--r-- | ssh.1 | 9 |
1 files changed, 7 insertions, 2 deletions
@@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.357 2015/05/06 05:45:17 dtucker Exp $ -.Dd $Mdocdate: May 6 2015 $ +.\" $OpenBSD: ssh.1,v 1.358 2015/05/22 05:28:45 djm Exp $ +.Dd $Mdocdate: May 22 2015 $ .Dt SSH 1 .Os .Sh NAME @@ -1106,6 +1106,11 @@ Fingerprints can be determined using .Pp If the fingerprint is already known, it can be matched and the key can be accepted or rejected. +If only legacy (MD5) fingerprints for the server are available, the +.Xr ssh-keygen 1 +.Fl E +option may be used to downgrade the fingerprint algorithm to match. +.Pp Because of the difficulty of comparing host keys just by looking at fingerprint strings, there is also support to compare host keys visually, |