[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SecurityPortal re: Attacks on SSH and SSL
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: SecurityPortal re: Attacks on SSH and SSL
- From: "Crist J. Clark" <cjclark_(_at_)_reflexnet_(_dot_)_net>
- Date: Thu, 21 Dec 2000 00:41:34 -0800
- Reply-to: cjclark_(_at_)_alum_(_dot_)_mit_(_dot_)_edu
On Thu, Dec 21, 2000 at 03:32:17AM +0000, Jim Breton wrote:
> On Mon, Dec 18, 2000 at 06:07:33PM +0000, Lars Hecking wrote:
> > On a related note, is it possible (or does it actually make sense) to
> > generate a fingerprint for a DSA host key?
> > $ ssh-keygen -l -f /etc/ssh_host_dsa_key
> > /etc/ssh_host_dsa_key is not a valid key file.
> Does anyone know how to check the fingerprint of a DSA key? I noticed
> this too, Lars beat me to the post though. ;) This is definitely an
> important matter, unless I'm missing something.
Well, if you look at ssh-keygen.c, there is the little comment,
/* XXX RSA1 only */
Which may be a clue. It does not look like it is supported. Not sure
why at a quick glance... the key_fingerprint() call seems to work on
Crist J. Clark cjclark_(_at_)_alum_(_dot_)_mit_(_dot_)_edu