SSHFP not always working

I’m trying to make SSHFP work. With these fingerprints in DNSSEC it should be possible to verify a host through DNSSEC.

It seems I’m not the only one having problems. Take a look at Jan-Piet Mens blog.

At the moment I’m trying to link libbind9 with OpenSSH to use the Bind resolver instead of the standard libresolv. This is suggested in this bug report, but I do not have that working, yet.

Accoring to this link it should be fully working with glibc version 2.11+. So it will not work on Redhat 5 or CentOS. On OpenBSD things work as expected and on OS X 10.6 (Snow Leopard) they don’t.

I’ve checked these Linux operating systems:

OS and Version (g)libc version Working
Ubuntu 10.04 2.11 Yes
Ubuntu 11.04 2.12 Yes
Ubuntu 11.10 2.13 Yes
Fedora 14 2.13 Yes
CentOS 5 2.5 No
CentOS 6 2.12 Yes
Arch Linux 2.13 Yes