From db7b8171ee084cbbe3a5ec5ef26df88e17aa3905 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 1 Mar 2005 21:48:03 +1100 Subject: - djm@cvs.openbsd.org 2005/03/01 10:41:28 [ssh-keyscan.1 ssh-keyscan.c] option to hash hostnames output by ssh-keyscan; ok markus@ deraadt@ --- ssh-keyscan.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) (limited to 'ssh-keyscan.c') diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 3cb52ac2e..e94867004 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -7,7 +7,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keyscan.c,v 1.50 2004/08/11 21:44:32 avsm Exp $"); +RCSID("$OpenBSD: ssh-keyscan.c,v 1.51 2005/03/01 10:41:28 djm Exp $"); #include "openbsd-compat/sys-queue.h" @@ -28,6 +28,7 @@ RCSID("$OpenBSD: ssh-keyscan.c,v 1.50 2004/08/11 21:44:32 avsm Exp $"); #include "log.h" #include "atomicio.h" #include "misc.h" +#include "hostfile.h" /* Flag indicating whether IPv4 or IPv6. This can be set on the command line. Default value is AF_UNSPEC means both IPv4 and IPv6. */ @@ -41,6 +42,8 @@ int ssh_port = SSH_DEFAULT_PORT; int get_keytypes = KT_RSA1; /* Get only RSA1 keys by default */ +int hash_hosts = 0; /* Hash hostname on output */ + #define MAXMAXFD 256 /* The number of seconds after which to give up on a TCP connection */ @@ -366,10 +369,14 @@ keygrab_ssh2(con *c) static void keyprint(con *c, Key *key) { + char *host = c->c_output_name ? c->c_output_name : c->c_name; + if (!key) return; + if (hash_hosts && (host = host_hash(host, NULL, 0)) == NULL) + fatal("host_hash failed"); - fprintf(stdout, "%s ", c->c_output_name ? c->c_output_name : c->c_name); + fprintf(stdout, "%s ", host); key_write(key, stdout); fputs("\n", stdout); } @@ -676,7 +683,7 @@ fatal(const char *fmt,...) static void usage(void) { - fprintf(stderr, "usage: %s [-v46] [-p port] [-T timeout] [-t type] [-f file]\n" + fprintf(stderr, "usage: %s [-Hv46] [-p port] [-T timeout] [-t type] [-f file]\n" "\t\t [host | addrlist namelist] [...]\n", __progname); exit(1); @@ -700,8 +707,11 @@ main(int argc, char **argv) if (argc <= 1) usage(); - while ((opt = getopt(argc, argv, "v46p:T:t:f:")) != -1) { + while ((opt = getopt(argc, argv, "Hv46p:T:t:f:")) != -1) { switch (opt) { + case 'H': + hash_hosts = 1; + break; case 'p': ssh_port = a2port(optarg); if (ssh_port == 0) { -- cgit v1.2.3 From 9a2fdbd0d6e13dd28612a351561adb6b32b94bd5 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 2 Mar 2005 12:04:01 +1100 Subject: - jmc@cvs.openbsd.org 2005/03/01 15:47:14 [ssh-keyscan.1 ssh-keyscan.c] sort options and sync usage(); --- ChangeLog | 5 ++++- ssh-keyscan.1 | 44 ++++++++++++++++++++++---------------------- ssh-keyscan.c | 4 ++-- 3 files changed, 28 insertions(+), 25 deletions(-) (limited to 'ssh-keyscan.c') diff --git a/ChangeLog b/ChangeLog index d5161a0f0..3165f1225 100644 --- a/ChangeLog +++ b/ChangeLog @@ -15,6 +15,9 @@ - jmc@cvs.openbsd.org 2005/03/01 15:05:00 [ssh-keygen.1] whitespace; + - jmc@cvs.openbsd.org 2005/03/01 15:47:14 + [ssh-keyscan.1 ssh-keyscan.c] + sort options and sync usage(); 20050301 - (djm) OpenBSD CVS sync: @@ -2234,4 +2237,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3679 2005/03/02 01:03:43 djm Exp $ +$Id: ChangeLog,v 1.3680 2005/03/02 01:04:01 djm Exp $ diff --git a/ssh-keyscan.1 b/ssh-keyscan.1 index 63427e727..7e846f77c 100644 --- a/ssh-keyscan.1 +++ b/ssh-keyscan.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keyscan.1,v 1.19 2005/03/01 10:41:28 djm Exp $ +.\" $OpenBSD: ssh-keyscan.1,v 1.20 2005/03/01 15:47:14 jmc Exp $ .\" .\" Copyright 1995, 1996 by David Mazieres . .\" @@ -15,11 +15,11 @@ .Sh SYNOPSIS .Nm ssh-keyscan .Bk -words -.Op Fl Hv46 +.Op Fl 46Hv +.Op Fl f Ar file .Op Fl p Ar port .Op Fl T Ar timeout .Op Fl t Ar type -.Op Fl f Ar file .Op Ar host | addrlist namelist .Op Ar ... .Ek @@ -46,6 +46,25 @@ scanning process involve any encryption. .Pp The options are as follows: .Bl -tag -width Ds +.It Fl 4 +Forces +.Nm +to use IPv4 addresses only. +.It Fl 6 +Forces +.Nm +to use IPv6 addresses only. +.It Fl f Ar file +Read hosts or +.Pa addrlist namelist +pairs from this file, one per line. +If +.Pa - +is supplied instead of a filename, +.Nm +will read hosts or +.Pa addrlist namelist +pairs from the standard input. .It Fl H Hash all hostnames and addresses in the output. Hashed names may be used normally by @@ -76,30 +95,11 @@ for protocol version 2. Multiple values may be specified by separating them with commas. The default is .Dq rsa1 . -.It Fl f Ar filename -Read hosts or -.Pa addrlist namelist -pairs from this file, one per line. -If -.Pa - -is supplied instead of a filename, -.Nm -will read hosts or -.Pa addrlist namelist -pairs from the standard input. .It Fl v Verbose mode. Causes .Nm to print debugging messages about its progress. -.It Fl 4 -Forces -.Nm -to use IPv4 addresses only. -.It Fl 6 -Forces -.Nm -to use IPv6 addresses only. .El .Sh SECURITY If a ssh_known_hosts file is constructed using diff --git a/ssh-keyscan.c b/ssh-keyscan.c index e94867004..bc2c3b728 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -7,7 +7,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keyscan.c,v 1.51 2005/03/01 10:41:28 djm Exp $"); +RCSID("$OpenBSD: ssh-keyscan.c,v 1.52 2005/03/01 15:47:14 jmc Exp $"); #include "openbsd-compat/sys-queue.h" @@ -683,7 +683,7 @@ fatal(const char *fmt,...) static void usage(void) { - fprintf(stderr, "usage: %s [-Hv46] [-p port] [-T timeout] [-t type] [-f file]\n" + fprintf(stderr, "usage: %s [-46Hv] [-f file] [-p port] [-T timeout] [-t type]\n" "\t\t [host | addrlist namelist] [...]\n", __progname); exit(1); -- cgit v1.2.3