ssh-keyscan for ssh2 (was Re: openssh-2.9p1)

mouring at etoh.eviladmin.org mouring at etoh.eviladmin.org
Sat May 19 06:26:12 EST 2001


What I mean by missing: how do I pull DSA v2 keys from a remote machine
using your patch?

What is needed is:

-1 -- RSA Protocol 1 Keys
-R -- RSA Protocol 2 Keys
-D -- DSA Protocol 2 Keys


This is a patch which is against your current version

--- ../xxh/ssh-keyscan.c	Fri May 18 10:26:38 2001
+++ ssh-keyscan.c	Fri May 18 10:27:20 2001
@@ -44,7 +44,7 @@
 int IPv4or6 = AF_UNSPEC;
 #endif

-int get_keytypes = 1;		/* Get only RSA keys by default */
+int get_keytypes = 1;		/* Get only RSA1 keys by default */

 #define MAXMAXFD 256

@@ -78,7 +78,7 @@
 	int c_plen;		/* Packet length field for ssh packet */
 	int c_len;		/* Total bytes which must be read. */
 	int c_off;		/* Length of data read so far. */
-	int c_keytypes;		/* bits: 1 = get RSA, 2 = get DSA */
+	int c_keytypes;		/* bits: 1 = RSA1, 2 = DSA, 4 = RSA */
 	char *c_namebase;	/* Address to free for c_name and c_namelist */
 	char *c_name;		/* Hostname of connection for errors */
 	char *c_namelist;	/* Pointer to other possible addresses */
@@ -319,12 +319,16 @@
 }

 Key *
-keygrab_ssh2(con *c)
+keygrab_ssh2(con *c, int keytypes)
 {
 	Key *key;

 	packet_set_connection(c->c_fd, c->c_fd);
 	packet_set_ssh2_format();
+	myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-rsa";
+	if (keytypes == 2)
+		myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "ssh-dss";
+
 	c->c_kex = kex_setup(myproposal);
 	c->c_kex->check_host_key = hostjump;

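Review bot: `keytypes == 2` treats a value that the struct comment documents as bit flags (`1 = RSA1, 2 = DSA, 4 = RSA`) as an enum, so every value other than exactly 2 silently negotiates `ssh-rsa`. The same pattern is in the two `c->c_keytypes == 2 || c->c_keytypes == 4` tests later in the patch, where a combined value such as 6 (which `-D -R` can produce, since the option parser ORs into `get_keytypes`) would skip the SSH2 branch altogether; whether a connection can actually carry a combined value depends on code outside these hunks. Testing bits would make the intent explicit, e.g. `if (keytypes & 2)` here and `if (c->c_keytypes & (2|4))` at the callers, with a comment saying that each connection is expected to carry exactly one protocol-2 key type. The assignment also writes into `myproposal`, which appears to be shared state, so a one-line comment noting that the host-key algorithm is reset on every call would help the next reader.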
@@ -496,7 +500,7 @@
 	}
 	*cp = '\0';
 	fprintf(stderr, "# %s %s\n", c->c_name, buf);
-	if (!(c->c_keytypes & 1)) {
+	if (c->c_keytypes == 2 || c->c_keytypes == 4) {
 		char remote_version[sizeof buf];

 		if (sscanf(buf, "SSH-%*d.%*d-%[^\n]\n", remote_version) == 1)
@@ -512,12 +516,11 @@
 		confree(s);
 		return;
 	}
-	if (!(c->c_keytypes & 1)) {
-		keyprint(c, keygrab_ssh2(c));
-		c->c_keytypes &= ~2;
+	if (c->c_keytypes == 2 || c->c_keytypes == 4) {
+		keyprint(c, keygrab_ssh2(c,c->c_keytypes));
 		confree(s);
 		return;
-	}
+	}
 	c->c_status = CS_SIZE;
 	contouch(s);
 }
@@ -625,7 +628,6 @@
 	static Linebuf *lb;
 	char *fname;
 	int first_proto_option = 1;
-
 	for (;;) {
 		if (lb) {
 			char *line;
@@ -659,12 +661,25 @@
 				lb = Linebuf_alloc(fname, error);
 				goto double_break;
 			case '1':
-			case '2':
 				if (first_proto_option) {
 					get_keytypes = 0;
 					first_proto_option = 0;
 				}
-				get_keytypes |= argv[argno][0] - '0';
+				get_keytypes |= 1;
+				break;
+			case 'D':
+				if (first_proto_option) {
+					get_keytypes = 0;
+					first_proto_option = 0;
+				}
+				get_keytypes |= 2;
+				break;
+			case 'R':
+				if (first_proto_option) {
+					get_keytypes = 0;
+					first_proto_option = 0;
+				}
+				get_keytypes |= 4;
 				break;
 			case '4':
 				IPv4or6 = AF_INET;
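Review bot: The `first_proto_option` reset block is now copied verbatim into the `'1'`, `'D'` and `'R'` cases, which makes it easy for the three copies to drift apart. Stacking the labels (`case '1': case 'D': case 'R':`) over a single reset block and then choosing the bit from the option character keeps the reset in one place; the removed line `get_keytypes |= argv[argno][0] - '0';` suggests the option character is available at that point. Dropping `case '2'` also means existing invocations with `-2` now reach whatever the switch's default branch does, which is outside this hunk. Keeping `-2` as an alias for `-D` (it set bit 2 before) would avoid surprising scripted scans that collect host keys unattended.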
@@ -686,7 +701,7 @@
 void
 usage(void)
 {
-	fatal("usage: %s [-t timeout] { [-1|-2|-4|-6] [--] host | -f file } ...",
+	fatal("usage: %s [-t timeout] { [-1|-R|-D|-4|-6] [--] host | -f file } ...",
 	    __progname);
 	return;
 }



