authorDarren Tucker <dtucker@zip.com.au>2008-06-13 04:40:35 +1000
committerDarren Tucker <dtucker@zip.com.au>2008-06-13 04:40:35 +1000
commit9c16ac926376ad87084ae78bac44a813ae5db21f (patch)
tree438b335d17d91d45c9c77fba9339816b2bf2dbf9 /ssh-keygen.c
parent1199673393661ceafc3141e5df43c53e9acdba2f (diff)
- grunk@cvs.openbsd.org 2008/06/11 21:01:35
[ssh_config.5 key.h readconf.c readconf.h ssh-keygen.1 ssh-keygen.c key.c sshconnect.c] Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the graphical hash visualization schemes known as "random art", and by Dan Kaminsky's musings on the subject during a BlackOp talk at the 23C3 in Berlin. Scientific publication (original paper): "Hash Visualization: a New Technique to improve Real-World Security", Perrig A. and Song D., 1999, International Workshop on Cryptographic Techniques and E-Commerce (CrypTEC '99) http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf The algorithm used here is a worm crawling over a discrete plane, leaving a trace (augmenting the field) everywhere it goes. Movement is taken from dgst_raw 2bit-wise. Bumping into walls makes the respective movement vector be ignored for this turn, thus switching to the other color of the chessboard. Graphs are not unambiguous for now, because circles in graphs can be walked in either direction. discussions with several people, help, corrections and ok markus@ djm@
Diffstat (limited to 'ssh-keygen.c')
-rw-r--r--ssh-keygen.c21
1 files changed, 17 insertions, 4 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c
index a03c6575d..c22e814da 100644
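--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.166 2008/05/19 15:46:31 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.167 2008/06/11 21:01:35 grunk Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -504,7 +504,7 @@ do_fingerprint(struct passwd *pw)
 {
  FILE *f;
  Key *public;
- char *comment = NULL, *cp, *ep, line[16*1024], *fp;
+ char *comment = NULL, *cp, *ep, line[16*1024], *fp, *ra;
  int i, skip = 0, num = 0, invalid = 1;
  enum fp_rep rep;
  enum fp_type fptype;
@@ -522,9 +522,12 @@ do_fingerprint(struct passwd *pw)
  public = key_load_public(identity_file, &comment);
  if (public != NULL) {
  fp = key_fingerprint(public, fptype, rep);
+ ra = key_fingerprint(public, fptype, rep);
  printf("%u %s %s\n", key_size(public), fp, comment);
+ verbose("%s\n", ra);
  key_free(public);
  xfree(comment);
+ xfree(ra);
  xfree(fp);
  exit(0);
  }
@@ -582,8 +585,11 @@ do_fingerprint(struct passwd *pw)
  }
  comment = *cp ? cp : comment;
  fp = key_fingerprint(public, fptype, rep);
+ ra = key_fingerprint(public, fptype, SSH_FP_RANDOMART);
  printf("%u %s %s\n", key_size(public), fp,
  comment ? comment : "no comment");
+ verbose("%s\n", ra);
+ xfree(ra);
  xfree(fp);
  key_free(public);
  invalid = 0;
@@ -603,12 +609,14 @@ print_host(FILE *f, const char *name, Key *public, int hash)
  if (print_fingerprint) {
  enum fp_rep rep;
  enum fp_type fptype;
- char *fp;
+ char *fp, *ra;
 
  fptype = print_bubblebabble ? SSH_FP_SHA1 : SSH_FP_MD5;
  rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_HEX;
  fp = key_fingerprint(public, fptype, rep);
- printf("%u %s %s\n", key_size(public), fp, name);
+ ra = key_fingerprint(public, fptype, SSH_FP_RANDOMART);
+ printf("%u %s %s\n%s\n", key_size(public), fp, name, ra);
+ xfree(ra);
  xfree(fp);
  } else {
  if (hash && (name = host_hash(name, NULL, 0)) == NULL)
@@ -1451,10 +1459,15 @@ passphrase_again:
 
  if (!quiet) {
  char *fp = key_fingerprint(public, SSH_FP_MD5, SSH_FP_HEX);
+ char *ra = key_fingerprint(public, SSH_FP_MD5,
+ SSH_FP_RANDOMART);
  printf("Your public key has been saved in %s.\n",
  identity_file);
  printf("The key fingerprint is:\n");
  printf("%s %s\n", fp, comment);
+ printf("The key's randomart image is:\n");
+ printf("%s\n", ra);
+ xfree(ra);
  xfree(fp);
  }
 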
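Review bot: In the identity-file branch of do_fingerprint (new line 525), `ra` is computed with `rep` rather than `SSH_FP_RANDOMART`, so `verbose("%s\n", ra)` prints the same hex or bubblebabble string a second time and a user checking a key on that path never sees the image. The other three call sites in this commit pass `SSH_FP_RANDOMART`, so this line should read `ra = key_fingerprint(public, fptype, SSH_FP_RANDOMART);`. The output path is also inconsistent: do_fingerprint sends the image through `verbose()`, while print_host appends it to the stdout `printf` whenever `print_fingerprint` is set, which presumably changes the line format seen by anything parsing that listing. It is worth choosing one behaviour and documenting it in a comment. Both functions start and end outside the visible hunks, so callers and the `verbose()` log-level gating were not checked.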