Package: sshfp
Version: 1.2.2-4
Severity: wishlist
Tags: patch
When I run sshfp -s localhost, with patch for #719442, I now get
records for these files:
/etc/ssh/ssh_host_dsa_key.pub
/etc/ssh/ssh_host_ecdsa_key.pub
/etc/ssh/ssh_host_rsa_key.pub
But not for that one:
/etc/ssh/ssh_host_ed25519_key.pub
I expected sshfp to generate these.
The attached patch fixes that.
IANA assigned type 4 to that algorithm (DRAFT)
https://www.iana.org/assignments/dns-sshfp-rr-parameters/dns-sshfp-rr-parameters.xml
-- System Information:
Debian Release: 8.0
APT prefers testing
APT policy: (990, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages sshfp depends on:
ii libpython2.7-stdlib [python-argparse] 2.7.8-11
ii openssh-client 1:6.7p1-3
ii python 2.7.8-2
ii python-dnspython 1.12.0-1
ii python-ipcalc 0.3-1
ii python-ldns 1.6.17-5+b1
pn python:any none
sshfp recommends no packages.
sshfp suggests no packages.
-- no debconf information
Description: Add support for ed25519 algorithm
Jessie ssh installation generates /etc/ssh/ssh_host_ed25519_key.pub
IANA assigned RR type 4 to it [DRAFT].
See https://www.iana.org/assignments/dns-sshfp-rr-parameters/dns-sshfp-rr-parameters.xml
That patch adds support for that.
Author: Jean-Michel Nirgal Vourgère jmv_...@nirgal.com
Bug: https://github.com/xelerance/sshfp/issues/7
Last-Update: 2014-01-24
--- sshfp-1.2.2.orig/sshfp
+++ sshfp-1.2.2/sshfp
@@ -57,6 +57,8 @@ def create_sshfp(hostname, keytype, keyb
keytype = 2
elif keytype == ecdsa-sha2-nistp256:
keytype = 3
+ elif keytype == ssh-ed25519:
+ keytype = 4
else:
return
try:
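Review bot: the literal `4` in the new `ssh-ed25519` branch carries no comment saying where it comes from, and the patch description marks the IANA assignment as DRAFT. Add a short comment next to `keytype = 4` pointing at the dns-sshfp-rr-parameters registry so the value can be rechecked once the assignment is final. Separately, the `else: return` right after it drops any unrecognised key type without a message; a warning there would have made the missing ed25519 record easier to diagnose.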
@@ -323,9 +325,9 @@ def main():
action=append,
type=choice,
dest=algo,
- choices=[rsa, dsa, ecdsa],
+ choices=[rsa, dsa, ecdsa, ed25519],
default=[],
- help=key type to fetch (may be specified more than once, default dsa,rsa))
+ help=key type to fetch (may be specified more than once, default dsa,rsa,ecdsa,ed25519))
parser.add_option(-n, --nameserver,
action=store,
type=string,
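Review bot: the default key types are now spelled out in two places, the `help=` string here and the fallback list in `algos = options.algo or [...]` further down, while `default=[]` stays empty. The removed help line said "default dsa,rsa" although the removed fallback list already included ecdsa, so the two had drifted apart once before. Consider a single module-level list that feeds `choices`, the fallback and the help text.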
@@ -351,7 +353,7 @@ def main():
data =
trailing = options.trailing_dot
timeout = options.timeout
- algos = options.algo or [dsa, rsa, ecdsa]
+ algos = options.algo or [dsa, rsa, ecdsa, ed25519]
all_hosts = options.all_hosts
port = options.port
fphashes = options.fphashes or [sha1, sha2]
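Review bot: with ed25519 added to the fallback in `algos = options.algo or [...]`, every run that does not name a key type now also requests an ed25519 key. Please confirm that a host which does not offer that key type simply yields no record for it rather than failing the whole run, and mention the changed default in the changelog, since scan output will gain records without any change on the command line.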