[Bug 2165] ssh option to prompt for fingerprint input

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Apr 18 21:40:25 EST 2014


https://bugzilla.mindrot.org/show_bug.cgi?id=2165

Petr Lautrbach <plautrba at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |plautrba at redhat.com

--- Comment #3 from Petr Lautrbach <plautrba at redhat.com> ---
Created attachment 2430
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2430&action=edit
StrictHostKeyChecking=require-fingerprint

This patch is based on the patch I've just attached  to
https://bugzilla.mindrot.org/show_bug.cgi?id=1872 and allows to specify
StrictHostKeyChecking=require-fingerprint:

$ ssh -o FingerprintType=sha256 -o
stricthostkeychecking=require-fingerprint -p 2222 localhost
The authenticity of host '[localhost]:2222 ([127.0.0.1]:2222)' can't be
established.
Type the ECDSA key fingerprint from remote host [sha256]: abcd
Host key verification failed.

$ ssh -o FingerprintType=sha256 -o
stricthostkeychecking=require-fingerprint -p 2222 localhost
The authenticity of host '[localhost]:2222 ([127.0.0.1]:2222)' can't be
established.
Type the ECDSA key fingerprint from remote host [sha256]:
5b:bc:6c:0a:b2:8d:84:eb:2a:6b:14:92:94:1c:85:b3:82:98:ba:b0:55:fd:2a:61:52:8c:b0:79:49:4b:e7:73
Warning: Permanently added '[localhost]:2222' (ECDSA) to the list of
known hosts.

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list