If you’ve ever tried to connected to a new server over SSH, you would’ve seen a message similar to the following:
# ssh iridium
The authenticity of host ‘[foo]’ can’t be established.
RSA key fingerprint is a2:b9:c5:d3:e5:fc:a6:b3:c7:da:e1:f0:ac:b9:c9:d5.
Are you sure you want to continue connecting (yes/no)?
Then you may have wondered, “Well, what *is* the fingerprint of my server supposed to be?”. Basically, in order to do the authentication of the host, you should run the command below (at SSH server install time, or over a “secure” channel) in order to get your hosts SSH fingerprint:
# ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub
2048 a2:b9:c5:d3:e5:fc:a6:b3:c7:da:e1:f0:ac:b9:c9:d5 root@foo (RSA)