Key fingerprint feature request

Markus Friedl Markus.Friedl at informatik.uni-erlangen.de
Fri Jan 12 19:44:06 EST 2001


> Does anyone know what algorithm the commercial ssh-2.3.0 uses to display
> the key fingerprints ? On the manual it says the algorithm is 
> 'bubble babble' but I didn't find out how to actually create this
> bubble string (I guess I could find out from the sources).

they use sha1 for fingerprints, we use md5

we print hex digits, they use 'bubble babble' but
there is a compile time define to switch to hex
digits. you have to use the sources for 'bubble babble'

> I think that it would be a nice option if OpenSSH could print out
> the host keys fingerprint in same format as the commercial ssh. This would
> make it so much easier to compare host keys etc. when you (have to) use
> both commercial ssh / openssh clients and servers.

i think it would be nice if the commercial ssh could print 
out the  host keys fingerprint in same format as OpenSSH :)

> >From what I can see it wouldn't be too much work to add new fingerprint
> method to key.c:key_fingerprint ... Perhaps the fingerprint style could
> be configurable with ssh_config options ?

well, ssh-keygen does not read ssh_config (and should not).
but, yes, perhaps key_fingerprint should get some more options
(like hash type, output format). on the other hand, this could
confuse people.





More information about the openssh-unix-dev mailing list