I have tried ssh fedorapeople.org. I have VerifyHostKeyDNS yes in /etc/ssh/ssh_config. dig fedorapeople.org SSHFP returned result. So I was surprised.
# ssh-keyscan -D fedorapeople.org 2>&1 | tr a-f A-F | grep -v '^;' FEDorApEoplE.org IN SSHFP 1 1 5829B0460C2E9296BDBD835416C2615DCF80D22A FEDorApEoplE.org IN SSHFP 1 2 B0369E7D313C9F8E7C90EFB53844CB43D98F11A1AB84396767C57BF699FF30C3
Compared them with DNS records.
# dig +short fedorapeople.org sshfp 1 1 5829B0460C2E9296BDBD835416C2615DCF80D22A 1 2 B0369E7D313C9F8E7C90EFB53844CB43D98F11A1AB84396767C57BF6 99FF30C3
Compared results. The short one matches, the longer does not. And ssh asks for fingerprint verification.
2020/10/10
Not needed, but appreciated
Metadata Update from @pemensik: - Issue close_status updated to: Invalid - Issue status updated to: Closed (was: Open)
Sorry, my comparing omitted the space. It matches after correction.
Login to comment on this ticket.