[Bug 2332] Show more secure fingerprints than MD5 (e.g. SHA256) in ssh and ssh-keygen

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Jan 9 00:26:03 AEDT 2015


https://bugzilla.mindrot.org/show_bug.cgi?id=2332

--- Comment #6 from Petr Lautrbach <plautrba at redhat.com> ---
works for me with this patch:

--- a/readconf.c
+++ b/readconf.c
@@ -1464,6 +1464,7 @@ parse_int:
                goto parse_string;

        case oFingerprintHash:
+               intptr = &options->fingerprint_hash;
                arg = strdelim(&s);
                if (!arg || *arg == '\0')
                        fatal("%.200s line %d: Missing argument.",
@@ -1471,8 +1472,8 @@ parse_int:
                if ((value = ssh_digest_alg_by_name(arg)) == -1)
                        fatal("%.200s line %d: Invalid hash algorithm
\"%s\".",
                            filename, linenum, arg);
-               if (*activep)
-                       options->fingerprint_hash = value;
+               if (*activep && *intptr == -1)
+                       *intptr = value;
                break;

        case oDeprecated:

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list