Package: sshfp
Version: 1.2.2-4
Severity: wishlist
Tags: patch

When I run "sshfp -s localhost", with patch for #719442, I now get
records for these files:
/etc/ssh/ssh_host_dsa_key.pub
/etc/ssh/ssh_host_ecdsa_key.pub
/etc/ssh/ssh_host_rsa_key.pub

But not for that one:
/etc/ssh/ssh_host_ed25519_key.pub

I expected sshfp to generate these.

The attached patch fixes that.

IANA assigned type 4 to that algorithm (DRAFT)
https://www.iana.org/assignments/dns-sshfp-rr-parameters/dns-sshfp-rr-parameters.xml

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (990, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages sshfp depends on:
ii  libpython2.7-stdlib [python-argparse]  2.7.8-11
ii  openssh-client                         1:6.7p1-3
ii  python                                 2.7.8-2
ii  python-dnspython                       1.12.0-1
ii  python-ipcalc                          0.3-1
ii  python-ldns                            1.6.17-5+b1
pn  python:any                             <none>

sshfp recommends no packages.

sshfp suggests no packages.

-- no debconf information
Description: Add support for ed25519 algorithm
 Jessie ssh installation generates /etc/ssh/ssh_host_ed25519_key.pub
 IANA assigned RR type 4 to it [DRAFT].
 See https://www.iana.org/assignments/dns-sshfp-rr-parameters/dns-sshfp-rr-parameters.xml
 That patch adds support for that.
Author: Jean-Michel Nirgal Vourgère <jmv_...@nirgal.com>
Bug: https://github.com/xelerance/sshfp/issues/7
Last-Update: 2014-01-24

--- sshfp-1.2.2.orig/sshfp
+++ sshfp-1.2.2/sshfp
@@ -57,6 +57,8 @@ def create_sshfp(hostname, keytype, keyb
 		keytype = "2"
 	elif  keytype == "ecdsa-sha2-nistp256":
 		keytype = "3"
+	elif  keytype == "ssh-ed25519":
+		keytype = "4"
 	else:
 		return ""
 	try:
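Review bot: The new "ssh-ed25519" branch hard-codes "4" with no comment, while the patch description itself marks the IANA assignment as [DRAFT]. Please add a comment on that branch citing the dns-sshfp-rr-parameters registry and the draft status, so the value is easy to re-check once the assignment is final. Note also that any key type not listed still falls through to the else branch and returns "" silently, which is the behaviour that hid the missing ed25519 record in the first place; a warning there would make the next missing algorithm visible.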
@@ -323,9 +325,9 @@ def main():
 			action="append",
 			type="choice",
 			dest="algo",
-			choices=["rsa", "dsa", "ecdsa"],
+			choices=["rsa", "dsa", "ecdsa", "ed25519"],
 			default=[],
-			help="key type to fetch (may be specified more than once, default dsa,rsa)")
+			help="key type to fetch (may be specified more than once, default dsa,rsa,ecdsa,ed25519)")
 	parser.add_option("-n", "--nameserver",
 			action="store",
 			type="string",
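Review bot: The default list in the help string for the algo option is a second hand-maintained copy of the list used in the "algos = options.algo or [...]" line, and the two had already drifted: the removed help text says "default dsa,rsa" while the removed fallback is ["dsa", "rsa", "ecdsa"]. Consider defining the default once (for example a module-level list) and building both the fallback and the help text from it, so adding the next key type is a one-line change.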
@@ -351,7 +353,7 @@ def main():
 	data = ""
 	trailing = options.trailing_dot
 	timeout = options.timeout
-	algos = options.algo or ["dsa", "rsa", "ecdsa"]
+	algos = options.algo or ["dsa", "rsa", "ecdsa", "ed25519"]
 	all_hosts = options.all_hosts
 	port = options.port
 	fphashes = options.fphashes or ["sha1", "sha2"]
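Review bot: Extending the fallback list here means every run without an explicit algo option now also requests an ed25519 key, including against hosts that do not have one. The hunk does not show how a key type the host cannot provide is handled, so please confirm that the scan path skips it quietly and still emits the dsa, rsa and ecdsa records, and mention the changed default in the changelog since it alters the output of existing invocations.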
