3003 – [PATCH] ssh-keygen does not print ASCII art fingerprint of knonw_hosts entry

Bug 3003 - [PATCH] ssh-keygen does not print ASCII art fingerprint of knonw_hosts entry

Summary: [PATCH] ssh-keygen does not print ASCII art fingerprint of knonw_hosts entry

Status:	CLOSED FIXED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	ssh-keygen (show other bugs)
Version:	8.0p1
Hardware:	All All

Importance:	P5 minor
Assignee:	Damien Miller

URL:
Keywords:

Depends on:
Blocks:	V_8_1
	Show dependency tree / graph

Reported:	2019-05-05 08:56 AEST by Ville Sinisalo
Modified:	2023-01-13 13:42 AEDT (History)
CC List:	2 users (show)

See Also:

Attachments
patch against current CVS version (664 bytes, patch) 2019-05-05 08:56 AEST, Ville Sinisalo	no flags	Details \| Diff
patch for man page (254 bytes, patch) 2019-05-05 09:11 AEST, Ville Sinisalo	no flags	Details \| Diff
corrected patch for both ssh-keygen.c & man page (1.31 KB, patch) 2019-05-06 03:34 AEST, Ville Sinisalo	no flags	Details \| Diff
tweak for style(9) (1.34 KB, patch) 2019-06-07 14:03 AEST, Damien Miller	no flags	Details \| Diff
Show Obsolete (3) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ville Sinisalo 2019-05-05 08:56:26 AEST

Created attachment 3274 [details]
patch against current CVS version

ssh-keygen -l -f keyfile prints the fingerprint of a public key. Combining the -l switch with -v additionally prints the key's "ASCII art" representation, which is visually easier to compare in case the key's fingerprint needs to be verified manually.

ssh-keygen -F host can be used to search the known_hosts file for a host's key and adding -l prints the key's fingerprint. But combining the -l switch with -v to get the ASCII art representation does not work in this context; the source code makes no attempt to generate or print the ASCII art fingerprint of the knonw_hosts key. This seems to be a bug.

Attached is a patch that should fix this (I just copied the ASCII art printing code from fingerprint_one_key() function used by do_fingerpint(), and added a missing NULL check that was present there.)

Comment 1 Ville Sinisalo 2019-05-05 09:11:18 AEST

Created attachment 3275 [details]
patch for man page

Comment 2 Ville Sinisalo 2019-05-06 03:34:09 AEST

Created attachment 3276 [details]
corrected patch for both ssh-keygen.c & man page

Comment 3 Damien Miller 2019-06-07 14:03:41 AEST

Created attachment 3289 [details]
tweak for style(9)

Comment 4 Damien Miller 2019-07-19 13:38:15 AEST

Applied - thanks

Comment 5 Damien Miller 2019-10-09 15:11:45 AEDT

Close bugs fixed in openssh-8.1 release cycle