From owner-freebsd-security Fri Jul 27 8:57:52 2001 Delivered-To: freebsd-security@freebsd.org Received: from mail.webmonster.de (datasink.webmonster.de [194.162.162.209]) by hub.freebsd.org (Postfix) with SMTP id B3CE537B403 for ; Fri, 27 Jul 2001 08:57:46 -0700 (PDT) (envelope-from karsten@rohrbach.de) Received: (qmail 26846 invoked by uid 1000); 27 Jul 2001 16:08:44 -0000 Date: Fri, 27 Jul 2001 18:08:44 +0200 From: "Karsten W. Rohrbach" To: Scott Johnson , freebsd-security@freebsd.org Subject: Re: ssh_host_dsa_key fingerprint Message-ID: <20010727180844.M23159@mail.webmonster.de> Mail-Followup-To: "Karsten W. Rohrbach" , Scott Johnson , freebsd-security@freebsd.org References: <20010727011647.A69806@sjohn.airlinksys.com> <20010727170448.I23159@mail.webmonster.de> <20010727182433.A1105@ringworld.oblivion.bg> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="W4pDZ/VvazBYHhxQ" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010727182433.A1105@ringworld.oblivion.bg>; from roam@orbitel.bg on Fri, Jul 27, 2001 at 06:24:33PM +0300 X-Arbitrary-Number-Of-The-Day: 42 X-URL: http://www.webmonster.de/ X-Disclaimer: My opinions do not necessarily represent those of my employer Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --W4pDZ/VvazBYHhxQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Peter Pentchev(roam@orbitel.bg)@2001.07.27 18:24:33 +0000: > On Fri, Jul 27, 2001 at 05:04:48PM +0200, Karsten W. Rohrbach wrote: > > Scott Johnson(sjohn@airlinksys.com)@2001.07.27 01:16:47 +0000: > > > If you're like me and wondered how to get a fingerprint for your DSA = host > > > key: start ssh-agent, add the host key, and list your keys. > > >=20 > > > If you don't care or already figured out a way, disregard this messag= e. > > > :-) > >=20 > > man ssh-keygen(1): > >=20 > > -l Show fingerprint of specified private or public key file. >=20 > Does this work for DSA though? >=20 > [root@ringworld:v3 ~]# ssh-keygen -lf /etc/ssh/ssh_host_dsa_key > /etc/ssh/ssh_host_dsa_key is not a valid key file. > [root@ringworld:v3 ~]# ssh-keygen -lf /etc/ssh/ssh_host_key > 1024 fc:1f:cf:8c:5c:dc:10:d7:80:21:a3:cc:3b:b2:9f:9d root@ringworld.offic= e1.bg > [root@ringworld:v3 ~]# >=20 > Seems to work OK for the RSA host key.. > This is on a -stable rebuilt today: >=20 > [root@ringworld:v3 ~]# ssh -V > SSH Version OpenSSH_2.3.0 green@FreeBSD.org 20010321, protocol versions 1= .5/2.0. > Compiled with SSL (0x0090601f). peter, as always, you are right. this works only for rsa keys. my fault ;-) /k --=20 > "Her figure described a set of parabolas that could cause cardiac arrest > in a yak." --Woody Allen KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.n= et/ karsten&rohrbach.de -- alpha&ngenn.net -- alpha&scene.org -- catch@spam.de GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 B= F46 Please do not remove my address from To: and Cc: fields in mailing lists. 1= 0x --W4pDZ/VvazBYHhxQ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7YZIMM0BPTilkv0YRApZ7AJ48aKWe62iDeobYc1XXJtSSxLCD2wCfeWWL GJfo47iBC8IJJILUqOxBzmQ= =0/ot -----END PGP SIGNATURE----- --W4pDZ/VvazBYHhxQ-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message