[guardian-dev] TOFU/POP aid for HTTPS

Hans-Christoph Steiner hans at guardianproject.info
Wed Aug 29 13:09:25 EDT 2012


I seem to run into self-signed HTTPS certificates a lot, and I like to
try to verify them to some degree beyond just "Trust On First Use".  I
wrote a little script to easy get an HTTPS cert's SHA1 and MD5
fingerprints from the terminal.  Then I can ssh to a couple remote
machines and make sure that the fingerprint is the same before trusting it.

The script is attached, you need to install this to run it:

apt-get install python-m2crypto

.hc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: getfp.py
Type: text/x-python
Size: 964 bytes
Desc: not available
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20120829/dc7ca7ce/attachment.py>


More information about the Guardian-dev mailing list