Add support for RFC 6594 SSHFP DNS records.

https://fedorahosted.org/freeipa/ticket/2642
2025-02-25 18:55:28 -06:00 · 2013-01-08 16:13:07 +01:00
parent c1735e1c80
commit 86dde3a38e
3 changed files with 21 additions and 3 deletions
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -1325,6 +1325,9 @@ def update_ssh_keys(server, hostname, ssh_dir, create_sshfp):
            sshfp = pubkey.fingerprint_dns_sha1()
            if sshfp is not None:
                update_txt += 'update add %s. %s IN SSHFP %s\n' % (hostname, ttl, sshfp)
+            sshfp = pubkey.fingerprint_dns_sha256()
+            if sshfp is not None:
+                update_txt += 'update add %s. %s IN SSHFP %s\n' % (hostname, ttl, sshfp)
        update_txt += 'send\n'

        if not do_nsupdate(update_txt):