| Summary: | [PATCH] ssh-keygen does not print ASCII art fingerprint of knonw_hosts entry | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | Ville Sinisalo <blaubosch> | ||||||||||
| Component: | ssh-keygen | Assignee: | Damien Miller <djm> | ||||||||||
| Status: | CLOSED FIXED | ||||||||||||
| Severity: | minor | CC: | djm, dtucker | ||||||||||
| Priority: | P5 | ||||||||||||
| Version: | 8.0p1 | ||||||||||||
| Hardware: | All | ||||||||||||
| OS: | All | ||||||||||||
| Bug Depends on: | |||||||||||||
| Bug Blocks: | 2988 | ||||||||||||
| Attachments: |
|
||||||||||||
Created attachment 3275 [details]
patch for man page
Created attachment 3276 [details]
corrected patch for both ssh-keygen.c & man page
Created attachment 3289 [details]
tweak for style(9)
Applied - thanks Close bugs fixed in openssh-8.1 release cycle |
Created attachment 3274 [details] patch against current CVS version ssh-keygen -l -f keyfile prints the fingerprint of a public key. Combining the -l switch with -v additionally prints the key's "ASCII art" representation, which is visually easier to compare in case the key's fingerprint needs to be verified manually. ssh-keygen -F host can be used to search the known_hosts file for a host's key and adding -l prints the key's fingerprint. But combining the -l switch with -v to get the ASCII art representation does not work in this context; the source code makes no attempt to generate or print the ASCII art fingerprint of the knonw_hosts key. This seems to be a bug. Attached is a patch that should fix this (I just copied the ASCII art printing code from fingerprint_one_key() function used by do_fingerpint(), and added a missing NULL check that was present there.)