mirror of
https://github.com/jbranchaud/til
synced 2026-01-03 23:28:02 +00:00
Add Check SSH Key Fingerprints Of Known Hosts as a Unix TIL
This commit is contained in:
jbranchaud
31
unix/check-ssh-key-fingerprints-of-known-hosts.md
Normal file
31
unix/check-ssh-key-fingerprints-of-known-hosts.md
Normal file
@@ -0,0 +1,31 @@
|
||||
# Check SSH Key Fingerprints Of Known Hosts
|
||||
|
||||
The `ssh-keygen` utility can do a bunch of things related to SSH keys including
|
||||
generating key pairs, removing a key, and even showing the fingerprints for a
|
||||
public keys file.
|
||||
|
||||
After [the recent GitHub SSH key
|
||||
rotation](https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/), I
|
||||
wanted to check that the key I had added produced a fingerprint matching what
|
||||
they described in the article.
|
||||
|
||||
The `-l` flag will list the fingerprints and the `-f` flag allows you to
|
||||
specify what file it processes when doing that.
|
||||
|
||||
```bash
|
||||
ssh-keygen -lf ~/.ssh/known_hosts
|
||||
```
|
||||
|
||||
I have a bunch of known hosts, so I can narrow it down to just the GitHub entry
|
||||
like so.
|
||||
|
||||
```bash
|
||||
ssh-keygen -lf ~/.ssh/known_hosts | grep github.com
|
||||
3072 SHA256:uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s github.com (RSA)
|
||||
```
|
||||
|
||||
And [it matches what GitHub
|
||||
lists](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints),
|
||||
so I'm good to go.
|
||||
|
||||
See `man ssh-keygen` for more details.
|
||||
Reference in New Issue
Block a user