#Getting the fingerprints
The one associated to the server's ECDSA public key (the one that's normally shown when ssh-ing for the first time):
$ ssh-keygen -l -f /etc/ssh/ssh_host_ecdsa_key.pub
Or, if RSA is negociated, the RSA public key
$ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub
The one associated to the user's public key
$ ssh-keygen -l -f ~/.ssh/id_rsa.pub
Aparently (http://superuser.com/questions/929566/sha256-ssh-fingerprint-given-by-the-client-but-only-md5-fingerprint-known-for-se) now there is a better format for the fingerprint to be shown. Unfortunately, your client and server might be showing different formats which might make the verification harder. If your server shows it MD5:XX:XX... (old format) and your client shows it SHA256:xxxxxx you might work around it by asking the client to show the fingerprint in the old format. I'm not sure how much of a good idea this is, as the new format is supposed to be more secure, but here you go:
$ ssh-keygen -l -f ~/.ssh/id_rsa.pub -o FingerprintHash=md5
The server can be instructed to generate the fingerprint in one of the formats with -E:
$ ssh-keygen -l -E SHA256 -f /etc/ssh/ssh_host_ecdsa_key.pub
256 SHA256:BIugQ/e03jWiuu2HkztRaZkOLASOId7l18rGe/G2wgA root@mymachine (ECDSA)
$ ssh-keygen -l -E MD5 -f /etc/ssh/ssh_host_ecdsa_key.pub
256 MD5:28:24:fb:53:4f:bf:05:9b:b5:50:3b:8d:16:b5:3c:b8 root@mymachine (ECDSA)