[guardian-dev] TOFU/POP aid for HTTPS
Hans-Christoph Steiner
hans at guardianproject.info
Wed Aug 29 13:09:25 EDT 2012
I seem to run into self-signed HTTPS certificates a lot, and I like to
try to verify them to some degree beyond just "Trust On First Use". I
wrote a little script to easy get an HTTPS cert's SHA1 and MD5
fingerprints from the terminal. Then I can ssh to a couple remote
machines and make sure that the fingerprint is the same before trusting it.
The script is attached, you need to install this to run it:
apt-get install python-m2crypto
.hc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: getfp.py
Type: text/x-python
Size: 964 bytes
Desc: not available
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20120829/dc7ca7ce/attachment.py>
More information about the Guardian-dev
mailing list