1 files changed, 0 insertions, 52 deletions
diff --git a/README.dns b/README.dns
deleted file mode 100644
index e24092e03..000000000
--- a/README.dns
+++ /dev/null
@@ -1,52 +0,0 @@
-How to verify host keys using OpenSSH and DNS
---------------------------------------------
-OpenSSH contains experimental support for verifying host keys using DNS
-as described in draft-ietf-secsh-dns-xx.txt. The document contains
-very brief instructions on how to test this feature. Configuring DNS
-and DNSSEC is out of the scope of this document.
-(1) Enable DNS fingerprint support in OpenSSH
-        configure --with-dns
-(2) Generate and publish the DNS RR
-To create a DNS resource record (RR) containing a fingerprint of the
-public host key, use the following command:
-        ssh-keygen -r hostname -f keyfile -g
-where "hostname" is your fully qualified hostname and "keyfile" is the
-file containing the public host key file. If you have multiple keys,
-you should generate one RR for each key.
-In the example above, ssh-keygen will print the fingerprint in a
-generic DNS RR format parsable by most modern name server
-implementations. If your nameserver has support for the SSHFP RR, as
-defined by the draft, you can omit the -g flag and ssh-keygen will
-print a standard RR.
-To publish the fingerprint using the DNS you must add the generated RR
-to your DNS zone file and sign your zone.
-(3) Enable the ssh client to verify host keys using DNS
-To enable the ssh client to verify host keys using DNS, you have to
-add the following option to the ssh configuration file
-($HOME/.ssh/config or /etc/ssh/ssh_config):
-    VerifyHostKeyDNS yes
-Upon connection the client will try to look up the fingerprint RR
-using DNS. If the fingerprint received from the DNS server matches
-the remote host key, the user will be notified.
-        Jakob Schlyter
-        Wesley Griffin
-$OpenBSD: README.dns,v 1.1 2003/05/14 18:16:20 jakob Exp $

diff --git a/README.dns b/README.dns deleted file mode 100644 index e24092e03..000000000 --- a/README.dns +++ /dev/null
@@ -1,52 +0,0 @@
1	How to verify host keys using OpenSSH and DNS
2	---------------------------------------------
3
4	OpenSSH contains experimental support for verifying host keys using DNS
5	as described in draft-ietf-secsh-dns-xx.txt. The document contains
6	very brief instructions on how to test this feature. Configuring DNS
7	and DNSSEC is out of the scope of this document.
8
9
10	(1) Enable DNS fingerprint support in OpenSSH
11
12	configure --with-dns
13
14	(2) Generate and publish the DNS RR
15
16	To create a DNS resource record (RR) containing a fingerprint of the
17	public host key, use the following command:
18
19	ssh-keygen -r hostname -f keyfile -g
20
21	where "hostname" is your fully qualified hostname and "keyfile" is the
22	file containing the public host key file. If you have multiple keys,
23	you should generate one RR for each key.
24
25	In the example above, ssh-keygen will print the fingerprint in a
26	generic DNS RR format parsable by most modern name server
27	implementations. If your nameserver has support for the SSHFP RR, as
28	defined by the draft, you can omit the -g flag and ssh-keygen will
29	print a standard RR.
30
31	To publish the fingerprint using the DNS you must add the generated RR
32	to your DNS zone file and sign your zone.
33
34
35	(3) Enable the ssh client to verify host keys using DNS
36
37	To enable the ssh client to verify host keys using DNS, you have to
38	add the following option to the ssh configuration file
39	($HOME/.ssh/config or /etc/ssh/ssh_config):
40
41	VerifyHostKeyDNS yes
42
43	Upon connection the client will try to look up the fingerprint RR
44	using DNS. If the fingerprint received from the DNS server matches
45	the remote host key, the user will be notified.
46
47
48	Jakob Schlyter
49	Wesley Griffin
50
51
52	$OpenBSD: README.dns,v 1.1 2003/05/14 18:16:20 jakob Exp $