Use "ssh-keygen -lf" to view SSH server fingerprint before connecting

When you connect to a server the first time using Secure Shell (SSH), you are shown the server's public key fingerprint. How do you verify that fingerprint?

• If it's a public/well-known server, they should publish their SSH fingerprints -- make sure to view them over HTTPS and not unencrypted HTTP
• If it's your own private server, log in via console and use a command such as:

ssh-keygen -lf /etc/ssh/ssh_host_rsa_key.pub

I didn't actually learn this today, but it's a command I use frequently enough that I wanted to write it down somewhere.