how is the sha fingerprint generated?
Johannes Löthberg
johannes at kyriasis.com
Wed Jul 1 02:43:36 AEST 2015
On 30/06, Emmanuel Vadot wrote:
>
> You really don't need openssl for that.
>
> And the fingerprints are simple.
> Here is a python script that do the same as ssh-keygen
>-fl /path/to/key :
>
>#!/usr/bin/env python3
>
>import binascii
>import hashlib
>import sys
>
>if __name__ == "__main__":
> key = binascii.a2b_base64(sys.argv[1])
> if sys.argv[2] == "md5":
> m = hashlib.new("md5")
> m.update(key)
> print(m.hexdigest())
> elif sys.argv[2] == "sha256":
> m = hashlib.new("sha256")
> m.update(key)
> print(binascii.b2a_base64(m.digest()).decode("utf8")[0:-1])
>
> Do use it in production, do some test, but the general idea is there.
>
That doesn't actually work for either RSA nor Ed25519 keys?
Example: https://theos.kyriasis.com/~kyrias/s/mX8U0VzI5w.png
--
Sincerely,
Johannes Löthberg
PGP Key ID: 0x50FB9B273A9D0BB5
https://theos.kyriasis.com/~kyrias/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1495 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20150630/3bb1ffed/attachment.bin>
More information about the openssh-unix-dev
mailing list