Red Hat Bugzilla – Bug 205689
SSHFP Resource Record addition with system-config-bind
Last modified: 2007-11-30 17:11:42 EST
Description of problem:
I could not find out how to add an SSHFP RR with the system-config-bind tool.
SSHFP RR are used by ssh to verify host key fingerprints. Described in rfc4255.
You can use the following command on the ssh server to generate a valid SSHFP RR:
$ ssh-keygen -r simca-1000 -f /etc/ssh/ssh_host_rsa_key.pub
simca-1000 IN SSHFP 1 1 3e21f08cf22a039de93203ee7726bfcf02287756
$ ssh-keygen -r simca-1000 -f /etc/ssh/ssh_host_dsa_key.pub
simca-1000 IN SSHFP 2 1 a6c2f2f5662c0a98f448c32dea880330d6d7950d
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Create a new zone
2. Right click the new zone name and select Add...
3. The list misses an entry for SSHFP
It should be possible to add SSHFB records to bond configuration using
Unfortunately it's after test3 freeze....
Please update Version -> fc6.
system-config-bind really needs a SSHFP record type.
ping, we are now back to pre test1 :)
I made patch that allows adding SSHFP records with system-config-bind. But now
the bind package maintainter is testing whether this type of DNS record is
supported by bind.
Hi Thank you for your patch. I confirm that SSHFP RR are working in my setup. I
have added them manually to my DNS maps and I can query them without a problem.
My confirmed working version of bind is 9.3.3-0.2.rc2.fc5
yeah, the bind maintainer also said that it works. So I'll public the patch as
soon as possible. I have to solve some details.