Your message dated Sun, 14 Feb 2021 17:04:28 +0000 with message-id <[email protected]> and subject line Bug#738494: fixed in hash-slinger 3.1-1 has caused the Debian Bug report #738494, regarding hash-slinger: sshfp doesn't support ECDSA host keys or SHA-2 fingerprints (RFC6594) to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 738494: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738494 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: hash-slinger Version: 2.5-1 Severity: wishlist Dear Maintainer, I got scanning to work, but it only supports the original RFC4255 spec (RSA/DSS host keys and SHA-1 fingerprint). It would be nice to see RFC6594 support (ECDSA host keys and SHA-256 fingerprint). Scanning output: $ sshfp -s shoggoth.unzane.com WARNING: Ignoring -k option, -s was passwd # shoggoth.unzane.com SSH-2.0-OpenSSH_6.0p1 no hostkey alg # shoggoth.unzane.com SSH-2.0-OpenSSH_6.0p1 shoggoth.unzane.com IN SSHFP 1 1 B4764630D756121FA89ED77AC7839D52BB0A286D Records actually in use: $ dig +short shoggoth.unzane.com sshfp 3 1 5096C6AF697F88370307969072EC4F7AD1D11EB9 3 2 9B153FCD1938A2C67FF8B0A5C99B8B6895C457025E23BE9A454B9F2E 953CA3A6 1 1 B4764630D756121FA89ED77AC7839D52BB0A286D 1 2 8D633E9CD3A54F2397B5D404E33A98230C2A740BD1D32DC4BD1E0AE8 52C4F836 The option to parse a known_hosts file fails when it encounters ecdsa-sha2-nistp521 type entries: $ sshfp -k ~/.ssh/known_hosts -a Traceback (most recent call last): File "/usr/bin/sshfp", line 374, in <module> main() File "/usr/bin/sshfp", line 359, in main data = sshfp_from_file(khfile, args) File "/usr/bin/sshfp", line 127, in sshfp_from_file fingerprints.append(process_records(data, wantedHosts)) File "/usr/bin/sshfp", line 169, in process_records if not check_keytype(keytype): File "/usr/bin/sshfp", line 136, in check_keytype print >> sys.stderr, "Could only find key type %s for %s" % (keytype, hostname) NameError: global name 'hostname' is not defined And how about those Ed25519 host keys introduced in OpenSSH 6.5 ;-) -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.12-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages hash-slinger depends on: ii libpython2.7-stdlib [python-argparse] 2.7.6-5 ii openssh-client 1:6.4p1-2 ii python 2.7.5-5 ii python-dnspython 1.11.1-1 ii python-gnupg 0.3.5-2 ii python-ipaddr 2.1.10-1 ii python-m2crypto 0.21.1-3 ii python-unbound 1.4.21-1 hash-slinger recommends no packages. hash-slinger suggests no packages. -- no debconf information -- Gerald Turner Encrypted mail preferred! 0xEC942276FDB8716D CA89 B27A 30FA 66C5 1B80 3858 EC94 2276 FDB8 716D
pgpzn6i2MeOFy.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---Source: hash-slinger Source-Version: 3.1-1 Done: Ondřej Surý <[email protected]> We believe that the bug you reported is fixed in the latest version of hash-slinger, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ondřej Surý <[email protected]> (supplier of updated hash-slinger package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 14 Feb 2021 17:40:02 +0100 Source: hash-slinger Architecture: source Version: 3.1-1 Distribution: unstable Urgency: medium Maintainer: Debian DNS Team <[email protected]> Changed-By: Ondřej Surý <[email protected]> Closes: 738490 738494 775048 780498 834971 899533 927132 Changes: hash-slinger (3.1-1) unstable; urgency=medium . * Update d/control (Closes: #899533) * Update d/watch, update d/gbp.conf * New upstream version 3.1 (Closes: #775048, #780498, #738494) * d/control: Port to python3 (Closes: #927132, #834971, #738490 * Add ${python3:Depends} to Depends * Final touches to d/control: policy version, priority optional Checksums-Sha1: 8905c66eaad69d21fbeece23fe3bfc3311ee066d 2022 hash-slinger_3.1-1.dsc 5b0a1d5f2e01cad244dda224efe36481c18fe3a0 38224 hash-slinger_3.1.orig.tar.gz 21b649a42dc3ff5c9b23f95c3db9ec75956106d7 3532 hash-slinger_3.1-1.debian.tar.xz b61516ec5e9602934f301ab65fbc817c17843919 7147 hash-slinger_3.1-1_amd64.buildinfo Checksums-Sha256: 989e41e533c07dcfca255f812f15dd12a4c3f1fc02346b2cdb4a171edc295141 2022 hash-slinger_3.1-1.dsc 2f0de62d561e585747732e44ce9ea5fcef93c75c95d66b684bd13b4e70374df6 38224 hash-slinger_3.1.orig.tar.gz 60aede8b3b64d73a4d249fe32d7b8eceb247a73ae6acfb95880ab299e94d1e53 3532 hash-slinger_3.1-1.debian.tar.xz fcd0c26f4e341cd13518baa9d9d45a8997aa1c02deed8eb5b1c1718b0f197c09 7147 hash-slinger_3.1-1_amd64.buildinfo Files: 7db6cdbbecbaee4943d0aeeb34831c0e 2022 utils optional hash-slinger_3.1-1.dsc 45f79c562bad1a83298103d75f20531b 38224 utils optional hash-slinger_3.1.orig.tar.gz cf72355ac40167c1d6f6e71e35409fc2 3532 utils optional hash-slinger_3.1-1.debian.tar.xz a5c46c45e8d588c925ad6479943449cf 7147 utils optional hash-slinger_3.1-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEw2Gx4wKVQ+vGJel9g3Kkd++uWcIFAmApU7hfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEMz NjFCMUUzMDI5NTQzRUJDNjI1RTk3RDgzNzJBNDc3RUZBRTU5QzIACgkQg3Kkd++u WcJ0aQ//eGm0nmZKkg83ir1DdWmnOqlyverSvzDnkHl+/wF+8I4dP/Bu1CjagtpM GRDvycXEWgw0hxaKM/Sm2xgbRJAbDk7risLPWXVbDpv5nr4pbtyzfAwx41TW/Trj ri0uwRtXElHq1CCfNePhotZ8C/TrvzsFOvPUuKWiaoHBH4A1tQcqypcoMUv7v45V qGMCmJK7k5VsYE4F73ttkitYDTIbT4qh8Iw23PMlMpIfU4p2Wq9zdOXn8EIEo7h/ ExYQND4axf9Y6vNl6xcxvsx3eHSSBYxBkmAo3UNJm3oKE40Zo8yQ5QsocPQBj81I ChQiDCu2XLFtuCW/kcjZC2W6urbkAPLVg48eYTynB/seaj7Yl7sp50ujsm/mLAX9 hgAC9xio7Ev7D5XAgeGPKgJ7H+MttXEgAa9RZTw4JlcyUGG2Q38ft8wfC4ey3QfR vd1/mx+NTckTUiHrC3QwCRnm+vb56fNmh49JBip5lM7U8s6v0nzFGuDNxyqMKqyV YwVZurtr1gBRTIwWb8C8WAgmjp7OX4JyzIawGgPJqh4l6pI0NziK2qNmfBzggVj/ i1SMaLzBtcZMMIJKDGsi/sbcZ7DmeqOBDImBG3NNyJU+EcHst3GugJ7zVrHL+Ery bHSGBF4rC9xW4hoEZ8omTbpNGS1ZfaJEN0yt4SsFRJ8Vrdoa5D8= =X4Nt -----END PGP SIGNATURE-----
--- End Message ---

