Displaying 6 results from an estimated 6 matches for "sshkey_fingerprint".
2024 Oct 14
2
[RFC] Preferentially TOFU certificate authorities rather than host keys
...hostkeys, *ip_hostkeys;
+ struct sshkey *cert = NULL;
u_int i;
/*
@@ -1189,13 +1190,20 @@ check_host_key(char *hostname, const struct ssh_conn_info *cinfo,
"type are already known for this host.");
} else
xextendf(&msg1, "", ".");
-
fp = sshkey_fingerprint(host_key,
options.fingerprint_hash, SSH_FP_DEFAULT);
ra = sshkey_fingerprint(host_key,
options.fingerprint_hash, SSH_FP_RANDOMART);
if (fp == NULL || ra == NULL)
fatal_f("sshkey_fingerprint failed");
+ if (cert) {
+ cafp = sshkey_fingerprint(cert->cert...
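Review bot: cafp, assigned inside the new "if (cert)" block, has no failure check in the lines shown, while fp and ra just above are covered by "if (fp == NULL || ra == NULL) fatal_f(...)". Give the CA fingerprint the same NULL check before it is used in the prompt text, so that a failed fingerprint does not end up formatted into the message the user is asked to confirm.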
2018 Sep 06
4
Some wishes regarding revoked keys
Hello.
I am trying to play through the following test scenario about
certificate revocation on Ubuntu 18.04, which has OpenSSH of this version:
OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n  7 Dec 2017
1. A CA key is created
ssh-keygen -t ed25519 -f ca
2. The CA public key is added to ~/.ssh/authorized_keys on some server:
cert-authority ssh-ed25519 AAAA...e ca at yoga
3. A user key is created on a
2015 Jul 26
2
[PATCH] ssh-agent: Add support to load additional certificates
...*tab = idtab_lookup(version);
+ TAILQ_FOREACH(id, &tab->idlist, next) {
+ if (sshkey_equal_public(key, id->idkey->key) &&
+ id->shadowed_key == NULL)
return (id);
}
return (NULL);
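Review bot: the lookup loop's new condition "id->shadowed_key == NULL" is undocumented, and it changes what callers get back: an identity whose public key matches but whose shadowed_key is set is now skipped, and the function falls through to "return (NULL)". Add a comment above the loop saying what a non-NULL shadowed_key means and why such entries must not be returned from a lookup by key.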
@@ -218,7 +266,7 @@ confirm_key(Identity *id)
char *p;
int ret = -1;
- p = sshkey_fingerprint(id->key, fingerprint_hash, SSH_FP_DEFAULT);
+ p = sshkey_fingerprint(id->idkey->key, fingerprint_hash, SSH_FP_DEFAULT);
if (p != NULL &&
ask_permission("Allow use of key %s?\nKey fingerprint %s.",
id->comment, p))
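Review bot: in confirm_key, "id->idkey->key" adds a pointer dereference that the old "id->key" did not have, with no check that id->idkey is non-NULL before the fingerprint call. If every Identity is guaranteed to carry an idkey, state that invariant where the field is declared; otherwise guard it here, since this path builds the "Allow use of key" prompt and should fail closed (ret stays -1) rather than crash.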
@@ -256,14 +304,14 @@ process_request_ide...
2015 Jun 22
2
Small issue with DNSSEC / SSHFP
...1,7 @@ char *server_version_string = NULL;
Key *previous_host_key = NULL;
static int matching_host_key_dns = 0;
+static int dns_secure = 0;
static pid_t proxy_command_pid = 0;
@@ -972,13 +973,18 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
fatal("%s: sshkey_fingerprint fail", __func__);
msg2[0] = '\0';
if (options.verify_host_key_dns) {
- if (matching_host_key_dns)
+ if (!matching_host_key_dns)
snprintf(msg2, sizeof(msg2),
- "Matching host key fingerprint"
+ "No matching host key fingerprint"...
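Review bot: inverting the test to "if (!matching_host_key_dns)" removes the positive "Matching host key fingerprint" message in the lines shown, so a user with verify_host_key_dns enabled no longer sees confirmation when the SSHFP record does match. Keep both branches (match and no match) so the prompt is explicit either way. The new file-scope "dns_secure" flag added in the previous hunk also needs a comment saying what sets it and how it differs from matching_host_key_dns.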
2017 Mar 01
7
[Bug 2686] New: SSHD segfaults when trying to load RSA1 host keys
https://bugzilla.mindrot.org/show_bug.cgi?id=2686
Bug ID: 2686
Summary: SSHD segfaults when trying to load RSA1 host keys
Product: Portable OpenSSH
Version: 7.4p1
Hardware: Other
OS: Linux
Status: NEW
Keywords: patch
Severity: enhancement
Priority: P5
Component: sshd
2015 Jul 29
2
[PATCH] ssh: Add option to present certificates on command line
...nfiguration parsing.
diff --git a/sshconnect2.c b/sshconnect2.c
index 34dbf9a..fb24b5e 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1016,6 +1016,7 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
u_int skip = 0;
int ret = -1;
int have_sig = 1;
+ int i;
char *fp;
if ((fp = sshkey_fingerprint(id->key, options.fingerprint_hash,
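Review bot: the new "int i" sits next to "u_int skip" in sign_and_send_pubkey; if i is used as a loop index over an unsigned count, declare it u_int to match the surrounding declarations and avoid a signed/unsigned comparison.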
@@ -1053,6 +1054,33 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
}
buffer_put_string(&b, blob, bloblen);
+ /* If the key is an input certificate, sign its private key instead.
+ * If no such private key exists, return failure and contin...