RFC 4255 · PROPOSED STANDARD · 2006
SUN · 14 JUN 2026
Using DNS to Securely Publish Secure Shell Key Fingerprints
Overview
RFC 4255, “Using DNS to Securely Publish Secure Shell Key Fingerprints”, is a Proposed Standard document published in January 2006 by J. Schlyter, W. Griffin. The canonical text is published by the RFC Editor.
Abstract
This document describes a method of verifying Secure Shell (SSH) host keys using Domain Name System Security (DNSSEC). The document defines a new DNS resource record that contains a standard SSH key fingerprint. [STANDARDS-TRACK]
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
Read this RFC
The canonical text of RFC 4255 is hosted at rfc-editor.org. Available in TXT,HTML.
Other RFCs from 2006
- RFC 4254 The Secure Shell Connection Protocol
- RFC 4256 Generic Message Exchange Authentication for the Secure Shell Protocol
- RFC 4253 The Secure Shell Transport Layer Protocol
- RFC 4252 The Secure Shell Authentication Protocol
- RFC 4251 The Secure Shell Protocol Architecture
- RFC 4250 The Secure Shell Protocol Assigned Numbers
- RFC 4249 Implementer-Friendly Specification of Message and MIME-Part Header Fields and Field Components
- RFC 4263 Media Subtype Registration for Media Type text/troff