ssh: Add host fingerprint matching

Added fingerprint matching to host functionality replacing the old
matching on ip with nc idea.
Functions essentially the same, only that now if another host
randomly/or targeted replaces the original checking target you will
still not try to be connected since the ssh fingerprint will not match.
Should make it a teensy bit more secure.

ssh/.ssh/conf/config.ssh

@@ -1,5 +0,0 @@
-# Send a keepalive package every 15 seconds without data
-ServerAliveInterval 15
-
-# conserve some bandwidth at the cost of processing power
-Compression yes

ssh/.ssh/config

@@ -1,2 +1,7 @@
-Include ~/.ssh/conf/config.ssh
+# Send a keepalive package every 15 seconds without data
-Include ~/.ssh/conf/hosts.ssh
+ServerAliveInterval 15
+
+# conserve some bandwidth at the cost of processing power
+Compression yes
+
+Include ~/.ssh/hosts

ssh/.ssh/scripts/check-fingerprint

@@ -0,0 +1,21 @@
+#!/bin/bash
+# from: https://awbmilne.github.io/blog/SSH-Host-Fallback/
+# Takes 2 arguments: a hostname and an ssh fingerprint
+# Retrieves all fingerprints from hostname and compares
+# to see if the fingerprint passed in is part of them.
+# If it is, returns true; if not, false.
+# Can be used for more secure matching on hostname availability
+# in sshconfig than e.g. nc ip matching.
+#
+# To find your keys fingerprint, one option is just connecting
+# via `ssh -v` and looking for the fingerprint there.
+
+fingerprints=$(ssh-keygen -lf <(ssh-keyscan "$1" 2>/dev/null))
+
+for fingerprint in $fingerprints; do
+    if [ "$fingerprint" == "$2" ]; then
+        exit 0
+    fi
+done
+
+exit 1