How do I create an SSHFP record?

With an SSHFP (SSH Fingerprint) record your can store an SSH Fingerprint in the DNS on your domain. It can be used to verify the SSH server's key.

SSHFP records can only be trusted if DNSSEC is enabled on your domain. We are in the process of enabling DNSSEC for as many domains as possible. You can check if DNSSEC is enabled for your domain here: DNSKEY Lookup.

Create an SSHFP record on your domain

  1. Log into the one.com control panel.
  2. Click DNS settings on the Advanced settings tile.
  3. Go to DNS records.
  4. Under create new record, click SSHFP.
  5. Enter the following details:
    - Enter a hostname or leave the field empty to create it on the domain root.
    - In the Value field enter the algorithm, fingerprint type and fingerprint like this: 2 1 123456789abcdef ... 67890. Check the wiki article about SSHFP for more information.
    - Optionally enter a TTL, or leave it empty to default to 3600 seconds.
  6. Click Create record to save your settings.
Example: In the screenshot below we have added the SSHFP record with the hostname host.one-example.guide and value 2 1 123456789abcdef ... 67890. The TTL is left empty, which will make it default to 3600.

sshfp.png

Related articles:

How do I create an SPF record?
How do I create a TLSA record?
Was this article helpful?

Can’t find what you are looking for?

We're here for you.

Chat with us 24/7 - every day of the year

are answered within 24 hours