search for: fingerprint

When the user chooses to not verify the signatures on the indexes (using --no-check-signature), there is no point in requiring as many --fingerprint as --source (or even just one), as they will not be used anyway. In this case just ignore all the values of the specified --fingerprint arguments. --- builder/cmdline.ml | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/builder/cmdline.ml b/builder/cmdline.m...

...1 +++++++++++++++++++++++++++++++++++------ 1 file changed, 35 insertions(+), 6 deletions(-) diff --git a/builder/sigchecker.ml b/builder/sigchecker.ml index cb9144f..06c60ae 100644 --- a/builder/sigchecker.ml +++ b/builder/sigchecker.ml @@ -27,6 +27,7 @@ open Unix type t = { gpg : string; fingerprint : string; + subkeys_fingerprints : string list; check_signature : bool; gpghome : string; } @@ -63,7 +64,34 @@ let import_keyfile ~gpg ~gpghome ?(trust = true) keyfile = if r <> 0 then error (f_"GPG failure: could not trust the imported key\nUse the '-v' optio...

When a user encounters a new ssh host, the VisualHostKey option makes ssh display the visual fingerprint of the host's key. ssh-keygen also supports BubbleBabble fingerprinting, but i don't see a way to indicate that ssh should display the bubblebabble fingerprint upon encountering a new host key. It seems like it would be nice to make OpenSSH configurable about its choice of fingerprinting...

...mazing work you folks have been doing! I don't know if this is the proper place to talk about this, but this looks like the best place to start! I've been messing with the latest version of FLAC and as an end-user I have this problem. The verification process currently does not use the fingerprint file during verification. So, only the integrity of the FLAC file is checked. That's great if I only want to know that my files downloaded correctly and will decompress without problems. However, I also want to be certain that the audio contained within the FLAC file is identical to the orig...

https://bugzilla.mindrot.org/show_bug.cgi?id=3226 Bug ID: 3226 Summary: Feature request: Prempt fingerprint prompt when connecting to new server Product: Portable OpenSSH Version: 8.4p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassign...

https://bugzilla.mindrot.org/show_bug.cgi?id=2165 Bug ID: 2165 Summary: ssh option to prompt for fingerprint input Product: Portable OpenSSH Version: 5.9p1 Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: blobnor-...

http://bugzilla.mindrot.org/show_bug.cgi?id=112 ------- Additional Comments From dan at doxpara.com 2002-02-13 11:43 ------- Heh, I kinda like that. You should update the yes/no prompt to say that pasting the expected host key will result in appropriate testing, as well as providing some sort of error if the remote side *doesn't* match the key pasted in. I hadn't thought of cut

--- "Paino, Christopher L YN1(AW) (CPF N0084)" <PainoCL@cpf.navy.mil> wrote: > If I am understanding FLAC correctly, the internal MD5 sum is (or can > be > )different than the fingerprint file sum. Yes. > The internal sum can be > different > depending on which compression settings are used, while the audio > remains > unchanged. It's the other way around. Let me sum up my limited knowledge about how stuff is seeded: Shorten: UserA starts with WAV file UserA...

I''m a graduating student of IT right now and in a couple of months, we''ll be starting on a new project in the University. My group and I decided to create a voting system which requires Fingerprint scanner to identify the voters and make the voting process more secured. I still don''t know how biometrics fingerprint scanner works exactly and I''ve just started to do some research. So my question is, is it even possible that RoR can use a biometrics fingerprint scanner?...

Hi, Does anyone know what algorithm the commercial ssh-2.3.0 uses to display the key fingerprints ? On the manual it says the algorithm is 'bubble babble' but I didn't find out how to actually create this bubble string (I guess I could find out from the sources). I think that it would be a nice option if OpenSSH could print out the host keys fingerprint in same format as the comm...

...let gpgkey = match gpgkey with - | None -> Sigchecker.No_Key - | Some key -> Sigchecker.KeyFile key in + | None -> Utils.No_Key + | Some key -> Utils.KeyFile key in uri, gpgkey, proxy ) repos in let sources = List.map ( fun (source, fingerprint) -> - source, Sigchecker.Fingerprint fingerprint, Downloader.SystemProxy + source, Utils.Fingerprint fingerprint, Downloader.SystemProxy ) sources in let sources = List.append repos sources in let index : Index_parser.index = diff --git a/builder/list_entries.ml b/builder/list...

hi, i found this explanation of the flac fingerprint somewhere: 'A FLAC Fingerprint is generated only for the audio data portion of the file. (Therefore, changing the filename or the tags or FlacMetadata does not change the fingerprint calculation.) In contrast, an .md5 is generated against the whole file, including header portions.' so i w...

https://bugzilla.mindrot.org/show_bug.cgi?id=2493 Bug ID: 2493 Summary: Accept host key fingerprint as the same as 'yes' Product: Portable OpenSSH Version: 6.9p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org...

...em is that the address of the global variable loaded into AX is not necessarily aligned; as it isn't in our case, which leads to the crash. Here's is the code; it is loading the address of a global variable into AX, and tries to copy the data member, coming from the following class: MD5::FingerPrint cutDataCheckSum = ::gFloorPlanCutData.GetCutDataCheckSum (); memcpy (elemData->cutDataCheckSum, cutDataCheckSum.data, sizeof (elemData->cutDataCheckSum)); namespace MD5 { class GSROOT_DLL_EXPORT FingerPrint { public: FingerPrint (); virtual ~FingerPrint () {}; FingerPrint (unsigned c...

...ure all the available sources of indexes used. This also removes the hardcoded default location, replaced now with a configuration file (which may be not used at all). Thanks, Pino Toscano (8): builder: allow "no key" as key in Sigchecker builder: use Sigchecker.gpgkey_type for the fingerprint builder: add functions to read XDG_CONFIG_DIRS and XDG_CONFIG_PATH builder: extract the default key to file builder: switch sources to .conf files builder: remove VIRT_BUILDER_SOURCE and VIRT_BUILDER_FINGERPRINT builder: remove the default fingerprint/pubkey builder: update documentatio...

...ch, it's undergone minimal testing and "works for me" and I'm after feedback as to acceptability of approach, anything I should be doing differently for the feature to be acceptable upstream and what I should be doing about automated testing. Use-case: you have the host's SSH fingerprints via an out-of-band mechanism which you trust and want to be able to connect and have verification use those known-good fingerprints and, if they match, update known_hosts. In our case, we use Amazon EC2, and I scripted up something which can use the AWS APIs to grab the serial console from a rece...

...er or from an unknown computer (for instance giving access to a shell versus allowing only scp/sftp in a chrooted environment). Using the IP address is not a solution since a trusted computer can be a laptop that is connected somewhere on Internet. One solution could be to use the client?public key fingerprint;?the server would then keep a white list of public key fingerprints that represent the trusted computers. However I can't find a way to implement this. I tried with the Match directive, but this one doesn't take such parameter I tried too with a ForceCommand, but fount no way to configure...

In windows command line: I have a wav file and would like to see what the flac fingerprint would be. To do this I run flac to encode the wav file and write the flac file to the hard disk. I then run metaflac to read the flac file and display the fingerprint. Is there an existing way or other utility to do this without generating the flac file on the hard disk. I would think it could be...

An enthusiastic FLAC user on another list to which I subscribe said that FLAC has a function to display on screen the stored fingerprint that a FLAC file has of its source WAV. That sounds wonderful, because it allows a user to see whether two differing FLAC files might come from the same WAV but have been compressed with different sets of options, and therefore they would decompress to identical WAVs. Merely verifying that a FLAC...

...mall issue with DNSSEC validation of SSHFP lookups. (For reference I used OpenSSH 6.8p1 on FreeBSD 10.1). The issues is that when DNSSEC valiation fails, ssh displays a confusing message to the user. When DNSSEC validation of a SSHFP record fails, ssh presents the user with "Matching host key fingerprint found in DNS. "Are you sure you want to continue connecting (yes/no)? (For example $ ./ssh -o 'VerifyHostKeyDNS True' fx.dnssec-broken.phicoh.nl Which has an intentionally broken DNSSEC delegation) I propose to change that to: "The DNS lookup was not secure, however a matching...