Your message dated Sun, 14 Feb 2021 17:04:28 +0000
with message-id <[email protected]>
and subject line Bug#738494: fixed in hash-slinger 3.1-1
has caused the Debian Bug report #738494,
regarding hash-slinger: sshfp doesn't support ECDSA host keys or SHA-2 
fingerprints (RFC6594)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
738494: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738494
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: hash-slinger
Version: 2.5-1
Severity: wishlist

Dear Maintainer,

I got scanning to work, but it only supports the original RFC4255 spec
(RSA/DSS host keys and SHA-1 fingerprint).  It would be nice to see
RFC6594 support (ECDSA host keys and SHA-256 fingerprint).

Scanning output:

$ sshfp -s shoggoth.unzane.com
WARNING: Ignoring -k option, -s was passwd
# shoggoth.unzane.com SSH-2.0-OpenSSH_6.0p1
no hostkey alg
# shoggoth.unzane.com SSH-2.0-OpenSSH_6.0p1

shoggoth.unzane.com IN SSHFP 1 1 B4764630D756121FA89ED77AC7839D52BB0A286D

Records actually in use:

$ dig +short shoggoth.unzane.com sshfp
3 1 5096C6AF697F88370307969072EC4F7AD1D11EB9
3 2 9B153FCD1938A2C67FF8B0A5C99B8B6895C457025E23BE9A454B9F2E 953CA3A6
1 1 B4764630D756121FA89ED77AC7839D52BB0A286D
1 2 8D633E9CD3A54F2397B5D404E33A98230C2A740BD1D32DC4BD1E0AE8 52C4F836

The option to parse a known_hosts file fails when it encounters
ecdsa-sha2-nistp521 type entries:

$ sshfp -k ~/.ssh/known_hosts -a
Traceback (most recent call last):
  File "/usr/bin/sshfp", line 374, in <module>
    main()
  File "/usr/bin/sshfp", line 359, in main
    data = sshfp_from_file(khfile, args)
  File "/usr/bin/sshfp", line 127, in sshfp_from_file
    fingerprints.append(process_records(data, wantedHosts))
  File "/usr/bin/sshfp", line 169, in process_records
    if not check_keytype(keytype):
  File "/usr/bin/sshfp", line 136, in check_keytype
    print >> sys.stderr, "Could only find key type %s for %s" % (keytype, 
hostname)
NameError: global name 'hostname' is not defined

And how about those Ed25519 host keys introduced in OpenSSH 6.5 ;-)

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.12-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages hash-slinger depends on:
ii  libpython2.7-stdlib [python-argparse]  2.7.6-5
ii  openssh-client                         1:6.4p1-2
ii  python                                 2.7.5-5
ii  python-dnspython                       1.11.1-1
ii  python-gnupg                           0.3.5-2
ii  python-ipaddr                          2.1.10-1
ii  python-m2crypto                        0.21.1-3
ii  python-unbound                         1.4.21-1

hash-slinger recommends no packages.

hash-slinger suggests no packages.

-- no debconf information

-- 
Gerald Turner                                Encrypted mail preferred!
0xEC942276FDB8716D  CA89 B27A 30FA 66C5 1B80  3858 EC94 2276 FDB8 716D

Attachment: pgpzn6i2MeOFy.pgp
Description: PGP signature


--- End Message ---
--- Begin Message ---
Source: hash-slinger
Source-Version: 3.1-1
Done: Ondřej Surý <[email protected]>

We believe that the bug you reported is fixed in the latest version of
hash-slinger, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ondřej Surý <[email protected]> (supplier of updated hash-slinger package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 14 Feb 2021 17:40:02 +0100
Source: hash-slinger
Architecture: source
Version: 3.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian DNS Team <[email protected]>
Changed-By: Ondřej Surý <[email protected]>
Closes: 738490 738494 775048 780498 834971 899533 927132
Changes:
 hash-slinger (3.1-1) unstable; urgency=medium
 .
   * Update d/control (Closes: #899533)
   * Update d/watch, update d/gbp.conf
   * New upstream version 3.1 (Closes: #775048, #780498, #738494)
   * d/control: Port to python3 (Closes: #927132, #834971, #738490
   * Add ${python3:Depends} to Depends
   * Final touches to d/control: policy version, priority optional
Checksums-Sha1:
 8905c66eaad69d21fbeece23fe3bfc3311ee066d 2022 hash-slinger_3.1-1.dsc
 5b0a1d5f2e01cad244dda224efe36481c18fe3a0 38224 hash-slinger_3.1.orig.tar.gz
 21b649a42dc3ff5c9b23f95c3db9ec75956106d7 3532 hash-slinger_3.1-1.debian.tar.xz
 b61516ec5e9602934f301ab65fbc817c17843919 7147 
hash-slinger_3.1-1_amd64.buildinfo
Checksums-Sha256:
 989e41e533c07dcfca255f812f15dd12a4c3f1fc02346b2cdb4a171edc295141 2022 
hash-slinger_3.1-1.dsc
 2f0de62d561e585747732e44ce9ea5fcef93c75c95d66b684bd13b4e70374df6 38224 
hash-slinger_3.1.orig.tar.gz
 60aede8b3b64d73a4d249fe32d7b8eceb247a73ae6acfb95880ab299e94d1e53 3532 
hash-slinger_3.1-1.debian.tar.xz
 fcd0c26f4e341cd13518baa9d9d45a8997aa1c02deed8eb5b1c1718b0f197c09 7147 
hash-slinger_3.1-1_amd64.buildinfo
Files:
 7db6cdbbecbaee4943d0aeeb34831c0e 2022 utils optional hash-slinger_3.1-1.dsc
 45f79c562bad1a83298103d75f20531b 38224 utils optional 
hash-slinger_3.1.orig.tar.gz
 cf72355ac40167c1d6f6e71e35409fc2 3532 utils optional 
hash-slinger_3.1-1.debian.tar.xz
 a5c46c45e8d588c925ad6479943449cf 7147 utils optional 
hash-slinger_3.1-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmApU7hfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz
NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u
WcJ0aQ//eGm0nmZKkg83ir1DdWmnOqlyverSvzDnkHl+/wF+8I4dP/Bu1CjagtpM
GRDvycXEWgw0hxaKM/Sm2xgbRJAbDk7risLPWXVbDpv5nr4pbtyzfAwx41TW/Trj
ri0uwRtXElHq1CCfNePhotZ8C/TrvzsFOvPUuKWiaoHBH4A1tQcqypcoMUv7v45V
qGMCmJK7k5VsYE4F73ttkitYDTIbT4qh8Iw23PMlMpIfU4p2Wq9zdOXn8EIEo7h/
ExYQND4axf9Y6vNl6xcxvsx3eHSSBYxBkmAo3UNJm3oKE40Zo8yQ5QsocPQBj81I
ChQiDCu2XLFtuCW/kcjZC2W6urbkAPLVg48eYTynB/seaj7Yl7sp50ujsm/mLAX9
hgAC9xio7Ev7D5XAgeGPKgJ7H+MttXEgAa9RZTw4JlcyUGG2Q38ft8wfC4ey3QfR
vd1/mx+NTckTUiHrC3QwCRnm+vb56fNmh49JBip5lM7U8s6v0nzFGuDNxyqMKqyV
YwVZurtr1gBRTIwWb8C8WAgmjp7OX4JyzIawGgPJqh4l6pI0NziK2qNmfBzggVj/
i1SMaLzBtcZMMIJKDGsi/sbcZ7DmeqOBDImBG3NNyJU+EcHst3GugJ7zVrHL+Ery
bHSGBF4rC9xW4hoEZ8omTbpNGS1ZfaJEN0yt4SsFRJ8Vrdoa5D8=
=X4Nt
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to