Package: sshfp
Version: 1.2.2-4
Severity: wishlist
Tags: patch

When I run "sshfp -s localhost", with patch for #719442, I now get records for these files:
/etc/ssh/ssh_host_dsa_key.pub
/etc/ssh/ssh_host_ecdsa_key.pub
/etc/ssh/ssh_host_rsa_key.pub

But not for that one:
/etc/ssh/ssh_host_ed25519_key.pub

I expected sshfp to generate these. The attached patch fixes that.

IANA assigned type 4 to that algorithm (DRAFT)
https://www.iana.org/assignments/dns-sshfp-rr-parameters/dns-sshfp-rr-parameters.xml

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (990, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages sshfp depends on:
ii  libpython2.7-stdlib [python-argparse]  2.7.8-11
ii  openssh-client                         1:6.7p1-3
ii  python                                 2.7.8-2
ii  python-dnspython                       1.12.0-1
ii  python-ipcalc                          0.3-1
ii  python-ldns                            1.6.17-5+b1
pn  python:any                             <none>

sshfp recommends no packages.

sshfp suggests no packages.

-- no debconf information

Description: Add support for ed25519 algorithm Jessie ssh installation generates /etc/ssh/ssh_host_ed25519_key.pub IANA assigned RR type 4 to it [DRAFT]. See https://www.iana.org/assignments/dns-sshfp-rr-parameters/dns-sshfp-rr-parameters.xml That patch adds support for that. Author: Jean-Michel Nirgal Vourgère <jmv_...@nirgal.com> Bug: https://github.com/xelerance/sshfp/issues/7 Last-Update: 2014-01-24 --- sshfp-1.2.2.orig/sshfp +++ sshfp-1.2.2/sshfp @@ -57,6 +57,8 @@ def create_sshfp(hostname, keytype, keyb keytype = "2" elif keytype == "ecdsa-sha2-nistp256": keytype = "3" + elif keytype == "ssh-ed25519": + keytype = "4" else: return "" try: @@ -323,9 +325,9 @@ def main(): action="append", type="choice", dest="algo", - choices=["rsa", "dsa", "ecdsa"], + choices=["rsa", "dsa", "ecdsa", "ed25519"], default=[], - help="key type to fetch (may be specified more than once, default dsa,rsa)") + help="key type to fetch (may be specified more than once, default dsa,rsa,ecdsa,ed25519)") parser.add_option("-n", "--nameserver", action="store", type="string", @@ -351,7 +353,7 @@ def main(): data = "" trailing = options.trailing_dot timeout = options.timeout - algos = options.algo or ["dsa", "rsa", "ecdsa"] + algos = options.algo or ["dsa", "rsa", "ecdsa", "ed25519"] all_hosts = options.all_hosts port = options.port fphashes = options.fphashes or ["sha1", "sha2"]
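Review bot: in the first hunk (create_sshfp), the new `keytype = "4"` branch has no comment saying where the value comes from, while the patch description itself marks the IANA assignment as [DRAFT]. Add a short comment beside the branch pointing at the dns-sshfp-rr-parameters registry so the value can be rechecked once the assignment is final. Any key type not listed still falls through to `return ""`, so an unmapped type produces no record and no message; a warning there would have made this missing-ed25519 case visible earlier.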
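Review bot: in the second hunk (the "algo" option in main()), the help string now spells out the default list by hand, and the same list is repeated in the `algos = options.algo or [...]` line of the third hunk. The removed help text said "default dsa,rsa" while the removed fallback was ["dsa", "rsa", "ecdsa"], so the two had already drifted apart once. Define the list once and build both the help text and the fallback from it.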
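Review bot: in the third hunk, adding "ed25519" to the fallback in `algos = options.algo or [...]` changes the behaviour of every run that does not pass the algo option, not only runs that ask for ed25519. The visible lines do not show what happens when a scanned host or the local key-scanning tool has no ed25519 support; please confirm that this case is skipped in the same way as a missing key of the other types, and mention the new default in the changelog and man page.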