ssh-keygen listing fingerprints little unclear

Markus Friedl markus at openbsd.org
Thu Jul 25 22:16:59 EST 2002


On Thu, Jul 25, 2002 at 02:04:24PM +0200, Magnus Bodin wrote:
> ok. I've started to provide a patch, but have not yet had time to look into
> how ssh-keygen is retrieving the key-type from the file. I guess it's done
> in key_read(). What about the 'old' types that occur in at least some
> of my known_hosts-file, which reads '1024 33', '1024 37' and so forth. How
> do they map onto KEY_RSA, KEY_DSA etc? Are they all KEY_RSA1?  Should they 
> be shown as if they were of the 'new' rsa1-type?

they are all KEY_RSA1.

you should just print
	key_name(key).

as to the filter:

Index: ssh-keygen.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/ssh-keygen.c,v
retrieving revision 1.101
diff -u -r1.101 ssh-keygen.c
--- ssh-keygen.c	23 Jun 2002 09:39:55 -0000	1.101
+++ ssh-keygen.c	25 Jul 2002 12:15:49 -0000
@@ -441,11 +441,14 @@
 	FILE *f;
 	Key *public;
 	char *comment = NULL, *cp, *ep, line[16*1024], *fp;
-	int i, skip = 0, num = 1, invalid = 1;
+	int i, skip = 0, num = 1, invalid = 1, key_filter = KEY_UNSPEC;
 	enum fp_rep rep;
 	enum fp_type fptype;
 	struct stat st;
 
+	if (key_type_name != NULL)
+		key_filter = key_type_from_name(key_type_name);
+
 	fptype = print_bubblebabble ? SSH_FP_SHA1 : SSH_FP_MD5;
 	rep =    print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_HEX;
 
@@ -513,6 +516,11 @@
 					key_free(public);
 					continue;
 				}
+			}
+			if (key_filter != KEY_UNSPEC &&
+			    key_filter != public->type) {
+				key_free(public);
+				continue;
 			}
 			comment = *cp ? cp : comment;
 			fp = key_fingerprint(public, fptype, rep);



More information about the openssh-unix-dev mailing list