[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SecurityPortal re: Attacks on SSH and SSL

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: SecurityPortal re: Attacks on SSH and SSL
From: "Crist J. Clark" <cjclark_(_at_)_reflexnet_(_dot_)_net>
Date: Thu, 21 Dec 2000 00:41:34 -0800
Reply-to: cjclark_(_at_)_alum_(_dot_)_mit_(_dot_)_edu

On Thu, Dec 21, 2000 at 03:32:17AM +0000, Jim Breton wrote:
> On Mon, Dec 18, 2000 at 06:07:33PM +0000, Lars Hecking wrote:
> >  
> >  On a related note, is it possible (or does it actually make sense) to
> >  generate a fingerprint for a DSA host key?
> >  
> > $ ssh-keygen -l -f /etc/ssh_host_dsa_key
> > /etc/ssh_host_dsa_key is not a valid key file.
> 
> Does anyone know how to check the fingerprint of a DSA key?  I noticed
> this too, Lars beat me to the post though.  ;)  This is definitely an
> important matter, unless I'm missing something.

Well, if you look at ssh-keygen.c, there is the little comment,

        /* XXX RSA1 only */

Which may be a clue. It does not look like it is supported. Not sure
why at a quick glance... the key_fingerprint() call seems to work on
DSA.

PR?
-- 
Crist J. Clark                           cjclark_(_at_)_alum_(_dot_)_mit_(_dot_)_edu

References:
- SecurityPortal re: Attacks on SSH and SSL
  - From: Mark Beihoffer
- Re: SecurityPortal re: Attacks on SSH and SSL
  - From: Lars Hecking
- Re: SecurityPortal re: Attacks on SSH and SSL
  - From: Jim Breton

Prev by Date: Re: SecurityPortal re: Attacks on SSH and SSL
Next by Date: [Slightly OT] Baltimore cryptos and TCP/IP MTU
Previous by thread: Re: SecurityPortal re: Attacks on SSH and SSL
Next by thread: Re: SecurityPortal re: Attacks on SSH and SSL
Index(es):
- Date
- Thread

Visit your host, monkey.org