Hacker News new | comments | ask | show | jobs | submit login
Ask HN: How do you distribute ssh server fingerprints?
5 points by pmoriarty on Feb 7, 2016 | hide | past | web | favorite | 2 comments
Problem: Your organization has a lot of servers which are constantly being created, modified, replaced, and destroyed. So their ssh host keys change frequently, and new ones get added frequently.

Question 1: How do you effeciently and securely distribute the right ssh server fingerprints to all of your team members?

Question 2: How do you keep the fingerprints that each team member has up-to-date?

This problem has been solved long ago in OpenSSH:


The easiest thing is probably to check in a known hosts file. Hopefully your revision control server has a stable host key.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact