How to verify SSH Fingerprint of a VyOS Router

I have installed a new VyOS router and the first time connecting to it with SSH it asks me to verify the fingerprint. Out of curiosity I tried to find the fingerprint on the console to compare to and had no luck. Also had no luck hunting in the documentation (which I have found very good IMHO), ‘Googling’ or searching in this forum. TIA

Version: VyOS 1.3-rolling-202309140800

On the server (VyOS):

for PUBKEY in /etc/ssh/*.pub; do ssh-keygen -l -v -E sha256 -f ${PUBKEY}; done

On the client:

To verify connection:

ssh -o VisualHostKey=yes -o FingerprintHash=sha256 <HOST>

To verify stored fingerprint(s):

ssh-keygen -l -v -F <HOST>

Note that if you connect using FQDN ( vs if you connect using IP-address thats considered two different hosts by the fingerprint db.

I think this would be a great op-mode command such as show ssh or show ssh fingerprints to display the fingerprints of the VyOS but also hint the user what commands to use to verify this locally in the client aswell.

Please file this as a feature request over at (or let me know if you want me to do it for you?).


Thanks that worked perfectly!

I will have a crack at filing it as a feature request and let you know if I get stuck. Many Thanks

I tried to create an account but I’m still waiting for approval… :man_shrugging:

Finally got there - T5653. Hopefully the correct level of detail. Cheers