[Bug 3132] No command to list the content of an SSH KRL
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Fri Mar 13 18:35:31 AEDT 2020
https://bugzilla.mindrot.org/show_bug.cgi?id=3132
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org,
| |dtucker at dtucker.net
Attachment #3367| |ok?(dtucker at dtucker.net)
Flags| |
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Created attachment 3367
--> https://bugzilla.mindrot.org/attachment.cgi?id=3367&action=edit
Support for dumping KRL contents via ssh-keygen
This patch adds support for dumping KRL contents via "ssh-keygen -Qlf
/path/krl"
The dump format is similar to the KRL specification format described in
ssh-keygen(1)'s KEY REVOCATION section. Some things we need to print
don't fit the format, so I print them as comments.
Example:
> $ ssh-keygen -lQf obj/krl-all
> # KRL version 0
> # Generated at 20200313T181736
>
> hash: SHA256:SHA256:s8ltKq+ldDA2KIlB5dqI0BfEI4UyV+pJujwg6Q2uKIU # ssh-dss
> hash: SHA256:SHA256:zbEIKMbhOkp/jZWE/cW67PnEwSyv0Oju1c4PH1N70/k # ssh-ed25519
> hash: SHA256:SHA256:VZS9t21+vjrGDece9Pc6i23kPcVw5QsVOtxBCuIOyRw # ecdsa-sha2-nistp256
> hash: SHA256:SHA256:jHnudyvRBF93GK/jA9NO7wpUd5emyeCq9NlIEI6dVQA # sk-ecdsa-sha2-nistp256 at openssh.com
> # CA key ssh-ed25519 SHA256:7Y4hOrk8kHvyTeXl+VU/zwD28qqCK9e5M35LTwe0OpM
> serial: 1
> serial: 4
> serial: 90
> serial: 500-799
> serial: 999
> serial: 10000-20000
> id: revoked 795
> id: revoked 796
> id: revoked 797
> id: revoked 798
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list