This way, ready to copy and paste:
ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key
Background:
It already takes a lot of resources to recall that to see the host key
fingerprint you need to run something called 'keygen'. Then ssh-keygen
doesn't support --help
: it will try to generate a new key instead. We're in
2008. There should be a law against this sort of behaviour.
To figure out how to see the host key, you need to dig through a long manpage
with no examples section. ssh-keygen
does have commandline help, but does
not implement any switch to invoke it (check the getopt invocation in the
source code if you don't believe me). It will however show commandline help
when given an unrecognised option, so it will mutter but at least give you love
if you ask for it:
$ ssh-keygen -♥
ssh-keygen: illegal option --
Usage: ssh-keygen [options]
Options:
[...]
After figuring out that it's -l -f, you still have to go and fish the file wherever it is. And luckily we had the recent Debian openssh problems, so now I can get the fingerprint of the RSA file only and be done with it.
But thanks to this blog entry, no more of that, at last.