https://bugzilla.mindrot.org/show_bug.cgi?id=2332
Max Polk <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|FIXED                       |---
             Status|RESOLVED                    |REOPENED
                 CC|                            |[email protected]

--- Comment #8 from Max Polk <[email protected]> ---

Request for two small man page documentation changes.

The 6.8 release notes state, "The default changes from MD5 to SHA256 and format from hex to base64" for host fingerprint display in ssh, and on the server in ssh-keygen when looking at the server key in order to compare.

I discovered that when a 6.8 ssh client connects to a 6.7 or older server, the server side ssh-keygen doesn't have the new "-E" option, and still shows you only the md5-based, hex-formatted key. The suggested command in the ssh man page doesn't help:

    $ ssh-keygen -l -f /etc/ssh_host_rsa_key

To verify, the option on the client side is to downgrade ssh to use the md5 fingerprint:

    $ ssh -o FingerprintHash=md5 HOST

To verify, the option on the server side is to manually calculate the new style fingerprint:

    $ cat /etc/ssh/ssh_host_ecdsa_key.pub | cut -d ' ' -f 2 | base64 -d | openssl sha256 -binary | base64

Can the ssh documentation be updated, under the "VERIFYING HOST KEYS" manual section, to state how to downgrade to md5 when connecting to older hosts? Or if not, could the option "FingerprintHash" at least be mentioned there? That special option is mentioned only once later in the long listing of options under the -o stanza.

I ask this because getting verification to work with the new ssh client was very difficult. I thought I lost the capability and ended up coming up with that manual server-side way to calculate the new style fingerprint:

    SERVER public key file:  base64(binarykey)
    SSH command:             base64(sha256(binarykey))
    SSH-KEYGEN command:      hex(md5(binarykey))    # older server

It is a huge usability problem to seemingly lose this verification going between 6.8 client and 6.7 and older server. It was not lost, just difficult to discover, so I'm reopening this for two documentation updates to make the user experience a lot easier when they face the same problem I did.

Also, can we update the ssh_config documentation to note that not only is the hash being switched, but also the format (base64 vs hex)? Client downgrading from sha256 to md5 using FingerprintHash switches from sha256 to md5 (as documented), but it also switches the formatting from base64 to hex (not documented). Example:

    SHA256:mIfDbTHZHp8n8HT/R04oKL2lzXwje8A07P6WTjEp20A
    MD5:bc:b1:82:45:1c:94:ae:cf:bd:b3:8f:63:75:0c:2f:f3

-- 
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
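The two fingerprint formats compared in the report, worked through in code. This is an added example, not part of the bug report or of OpenSSH: it builds a constructed (non-real) ssh-ed25519 public key line, extracts the key blob the way the `cut | base64 -d` pipeline does, and derives both the SHA256/base64 and the MD5/hex display forms. One detail the openssl pipeline in the report does not show: OpenSSH strips the trailing `=` padding from the base64 SHA256 fingerprint (44 characters become 43), so the raw `openssl ... | base64` output has one extra character at the end.

```python
import base64
import hashlib
import struct


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string: uint32 big-endian length, then data."""
    return struct.pack(">I", len(data)) + data


def make_pubkey_line(key_type: str, raw_key: bytes, comment: str = "constructed@example") -> str:
    """Build a .pub style line from raw key material (constructed helper, not OpenSSH code).

    The blob OpenSSH fingerprints is the wire encoding string(key_type) || string(raw_key).
    """
    blob = ssh_string(key_type.encode()) + ssh_string(raw_key)
    return f"{key_type} {base64.b64encode(blob).decode()} {comment}"


def key_blob(pubkey_line: str) -> bytes:
    """Second whitespace-separated field of a .pub line, base64-decoded.

    Equivalent to the `cut -d ' ' -f 2 | base64 -d` step in the report.
    """
    return base64.b64decode(pubkey_line.split()[1])


def fingerprint_sha256(blob: bytes) -> str:
    """OpenSSH 6.8+ default display: base64(sha256(blob)) with '=' padding removed."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def fingerprint_md5(blob: bytes) -> str:
    """Legacy display (FingerprintHash=md5 on a 6.8 client): colon-separated hex bytes.

    A pre-6.8 ssh-keygen -l prints the same hex pairs without the "MD5:" prefix.
    """
    digest = hashlib.md5(blob).hexdigest()
    return "MD5:" + ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


if __name__ == "__main__":
    # Constructed sample key: 32 arbitrary bytes, NOT a real host key.
    line = make_pubkey_line("ssh-ed25519", bytes(range(32)))
    blob = key_blob(line)
    print(line)
    print(fingerprint_sha256(blob))  # 43 base64 chars, no trailing '='
    print(fingerprint_md5(blob))     # 16 hex pairs joined by ':'
```

Paste a real line from a server's `/etc/ssh/ssh_host_*_key.pub` into `key_blob()` and the two results are what `ssh` shows with the default setting and with `-o FingerprintHash=md5` respectively.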
