10

When I try this command it fails:

ssh -o FingerprintHash=sha256 example.com

Error message: command-line: line 0: Bad configuration option: fingerprinthash

Why is this? Has this option been removed from OpenSSH? My ssh client version is OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.10, OpenSSL 1.0.1f 6 Jan 2014.

My intention is to verify the fingerprint from the client’s output with the fingerprint sent to me by the sysadmin, which was in another format (base64-encoded SHA256, I believe).

Lightness Races in Orbit
  • 3,066
  • 1
  • 20
  • 29
Carl Winbäck
  • 506
  • 2
  • 7
  • 18

1 Answers1

16

FingerprintHash option is available since OpenSSH 6.8 only.

Earlier versions always use MD5.

See also SHA256 ssh fingerprint given by the client but only md5 fingerprint known for server.

Martin Prikryl
  • 21,071
  • 9
  • 77
  • 157