Hi JP,<div><br></div><div>thanks for your response. I'll work through the discussion and dive into dnssec. Interesting topic I didn't get in touch...</div><div><br></div><div>br...: Gerd :...</div><div><br><br><div class="gmail_quote">
On 24 May 2012 20:17, Jan-Piet Mens <span dir="ltr"><<a href="mailto:jpmens.dns@gmail.com" target="_blank">jpmens.dns@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im">> keys as "SSHFP-Record"s, so that I'm able to call via <<ssh<br>
</div>> user@remotehost-o "VerifyHostKeyDNS=yes">> and get a result line like<br>
<div class="im">> "Matching host key<br>
> fingerprint found in DNS".<br>
<br>
</div>This may or not be painful, if you're not using DNSSEC. (You may like to<br>
glance at a discussion, and the comments, at [1].)<br>
<div class="im"><br>
> Since I've nothing found, seems like dnsmasq doesn't support SSHFP-Records,<br>
> right ?!?!<br>
<br>
</div>I don't think this is possible at the moment, but we'll have to ask<br>
Simon. Simon? Are you there? :-)<br>
<br>
        -JP<br>
<br>
[1]: <a href="http://jpmens.net/2011/02/18/verifyhostkeydnsmaybe/" target="_blank">http://jpmens.net/2011/02/18/verifyhostkeydnsmaybe/</a><br>
<div class="HOEnZb"><div class="h5"><br>
<br>
_______________________________________________<br>
Dnsmasq-discuss mailing list<br>
<a href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk">Dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
<a href="http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss" target="_blank">http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss</a><br>
</div></div></blockquote></div><br></div>