On Fri, Sep 18, 2009 at 10:30 AM, Martin Schrvder <mar...@oneiros.de> wrote: > If the fingerprint is unknown, an alternative method of > verification is available: SSH fingerprints ver- > ified by DNS. An additional resource record (RR), SSHFP, is > added to a zonefile and the connecting > client is able to match the fingerprint with that of the key presented.
I thought that only solves management of the known_hosts file, not authorized_keys. (Also, it requires secure DNS.)
