summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog7
-rw-r--r--ssh-keygen.c30
2 files changed, 29 insertions, 8 deletions
diff --git a/ChangeLog b/ChangeLog
index 0695b672a..1b2e5d8a9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -11,6 +11,11 @@
11 we would send the modes corresponding to a zeroed struct termios, 11 we would send the modes corresponding to a zeroed struct termios,
12 whereas we should have been sending an empty list of modes. 12 whereas we should have been sending an empty list of modes.
13 Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@ markus@ 13 Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@ markus@
14 - djm@cvs.openbsd.org 2008/05/19 15:46:31
15 [ssh-keygen.c]
16 support -l (print fingerprint) in combination with -F (find host) to
17 search for a host in ~/.ssh/known_hosts and display its fingerprint;
18 ok markus@
14 19
1520080604 2020080604
16 - (djm) [openbsd-compat/bsd-arc4random.c] Fix math bug that caused bias 21 - (djm) [openbsd-compat/bsd-arc4random.c] Fix math bug that caused bias
@@ -4042,4 +4047,4 @@
4042 OpenServer 6 and add osr5bigcrypt support so when someone migrates 4047 OpenServer 6 and add osr5bigcrypt support so when someone migrates
4043 passwords between UnixWare and OpenServer they will still work. OK dtucker@ 4048 passwords between UnixWare and OpenServer they will still work. OK dtucker@
4044 4049
4045$Id: ChangeLog,v 1.4940 2008/06/08 02:53:20 dtucker Exp $ 4050$Id: ChangeLog,v 1.4941 2008/06/08 02:54:29 dtucker Exp $
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 69b16e6f5..a03c6575d 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keygen.c,v 1.165 2008/01/19 22:37:19 djm Exp $ */ 1/* $OpenBSD: ssh-keygen.c,v 1.166 2008/05/19 15:46:31 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -600,12 +600,24 @@ do_fingerprint(struct passwd *pw)
600static void 600static void
601print_host(FILE *f, const char *name, Key *public, int hash) 601print_host(FILE *f, const char *name, Key *public, int hash)
602{ 602{
603 if (hash && (name = host_hash(name, NULL, 0)) == NULL) 603 if (print_fingerprint) {
604 fatal("hash_host failed"); 604 enum fp_rep rep;
605 fprintf(f, "%s ", name); 605 enum fp_type fptype;
606 if (!key_write(public, f)) 606 char *fp;
607 fatal("key_write failed"); 607
608 fprintf(f, "\n"); 608 fptype = print_bubblebabble ? SSH_FP_SHA1 : SSH_FP_MD5;
609 rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_HEX;
610 fp = key_fingerprint(public, fptype, rep);
611 printf("%u %s %s\n", key_size(public), fp, name);
612 xfree(fp);
613 } else {
614 if (hash && (name = host_hash(name, NULL, 0)) == NULL)
615 fatal("hash_host failed");
616 fprintf(f, "%s ", name);
617 if (!key_write(public, f))
618 fatal("key_write failed");
619 fprintf(f, "\n");
620 }
609} 621}
610 622
611static void 623static void
@@ -1231,6 +1243,10 @@ main(int argc, char **argv)
1231 printf("Can only have one of -p and -c.\n"); 1243 printf("Can only have one of -p and -c.\n");
1232 usage(); 1244 usage();
1233 } 1245 }
1246 if (print_fingerprint && (delete_host || hash_hosts)) {
1247 printf("Cannot use -l with -D or -R.\n");
1248 usage();
1249 }
1234 if (delete_host || hash_hosts || find_host) 1250 if (delete_host || hash_hosts || find_host)
1235 do_known_hosts(pw, rr_hostname); 1251 do_known_hosts(pw, rr_hostname);
1236 if (print_fingerprint || print_bubblebabble) 1252 if (print_fingerprint || print_bubblebabble)