[Bug 3226] Feature request: Prempt fingerprint prompt when connecting to new server

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Sat Oct 31 03:48:39 AEDT 2020


https://bugzilla.mindrot.org/show_bug.cgi?id=3226

--- Comment #3 from bugzilla.mindrot.org at marget.com ---
> Running just ssh-keyscan and ssh-keygen should give you all you need

Yes, ssh-keygen can handle the 'base64; hash; base64; fingerprint
string construction' steps.

There's still the matter of calling both of those programs, storing the
output, comparing the fingerprint strings and conditionally updating
the known_hosts file.

I can do these tasks, and am doing them today.

If that's the workflow the community and maintainers intend, then I'll
stick with it. It seemed reasonable to request (and I was encouraged to
do so) because the ssh client already has two other built-in ways of
doing fingerprint validation.

I'm pretty amused that we managed to produce the same fingerprint
string in our examples.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list