Package: hash-slinger Version: 2.5-1 Severity: wishlist Dear Maintainer,
I got scanning to work, but it only supports the original RFC4255 spec (RSA/DSS host keys and SHA-1 fingerprint). It would be nice to see RFC6594 support (ECDSA host keys and SHA-256 fingerprint). Scanning output: $ sshfp -s shoggoth.unzane.com WARNING: Ignoring -k option, -s was passwd # shoggoth.unzane.com SSH-2.0-OpenSSH_6.0p1 no hostkey alg # shoggoth.unzane.com SSH-2.0-OpenSSH_6.0p1 shoggoth.unzane.com IN SSHFP 1 1 B4764630D756121FA89ED77AC7839D52BB0A286D Records actually in use: $ dig +short shoggoth.unzane.com sshfp 3 1 5096C6AF697F88370307969072EC4F7AD1D11EB9 3 2 9B153FCD1938A2C67FF8B0A5C99B8B6895C457025E23BE9A454B9F2E 953CA3A6 1 1 B4764630D756121FA89ED77AC7839D52BB0A286D 1 2 8D633E9CD3A54F2397B5D404E33A98230C2A740BD1D32DC4BD1E0AE8 52C4F836 The option to parse a known_hosts file fails when it encounters ecdsa-sha2-nistp521 type entries: $ sshfp -k ~/.ssh/known_hosts -a Traceback (most recent call last): File "/usr/bin/sshfp", line 374, in <module> main() File "/usr/bin/sshfp", line 359, in main data = sshfp_from_file(khfile, args) File "/usr/bin/sshfp", line 127, in sshfp_from_file fingerprints.append(process_records(data, wantedHosts)) File "/usr/bin/sshfp", line 169, in process_records if not check_keytype(keytype): File "/usr/bin/sshfp", line 136, in check_keytype print >> sys.stderr, "Could only find key type %s for %s" % (keytype, hostname) NameError: global name 'hostname' is not defined And how about those Ed25519 host keys introduced in OpenSSH 6.5 ;-) -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.12-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages hash-slinger depends on: ii libpython2.7-stdlib [python-argparse] 2.7.6-5 ii openssh-client 1:6.4p1-2 ii python 2.7.5-5 ii python-dnspython 1.11.1-1 ii python-gnupg 0.3.5-2 ii python-ipaddr 2.1.10-1 ii python-m2crypto 0.21.1-3 ii python-unbound 1.4.21-1 hash-slinger recommends no packages. hash-slinger suggests no packages. -- no debconf information -- Gerald Turner Encrypted mail preferred! 0xEC942276FDB8716D CA89 B27A 30FA 66C5 1B80 3858 EC94 2276 FDB8 716D
pgprXMobpIZkV.pgp
Description: PGP signature