ssh2_fingerprint

(PECL)

ssh2_fingerprint --  Retreive fingerprint of remote server

Description

string ssh2_fingerprint ( resource session [, int flags] )

Returns a server hostkey hash from an active session. Defaults to MD5 fingerprint encoded as ASCII hex values.

flags may be either of SSH2_FINGERPRINT_MD5 or SSH2_FINGERPRINT_SHA1 logically ORed with SSH2_FINGERPRINT_HEX or SSH2_FINGERPRINT_RAW. Defaults to SSH2_FINGERPRINT_MD5 | SSH2_FINGERPRINT_HEX.

Example 1. Checking the fingerprint against a known value

<?php
$known_host
= '6F89C2F0A719B30CC38ABDF90755F2E4';

$connection = ssh2_connect('shell.example.com', 22);

$fingerprint = ssh2_fingerprint($connection,
               
SSH2_FINGERPRINT_MD5 | SSH2_FINGERPRINT_HEX);

if (
$fingerprint != $known_host) {
  die(
"HOSTKEY MISMATCH!\n" .
      
"Possible Man-In-The-Middle Attack?");
}
?>