diff --git a/ChangeLog b/ChangeLog index 0695b672a..1b2e5d8a9 100644 --- a/ChangeLog +++ b/ChangeLog @@ -11,6 +11,11 @@ we would send the modes corresponding to a zeroed struct termios, whereas we should have been sending an empty list of modes. Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@ markus@ + - djm@cvs.openbsd.org 2008/05/19 15:46:31 + [ssh-keygen.c] + support -l (print fingerprint) in combination with -F (find host) to + search for a host in ~/.ssh/known_hosts and display its fingerprint; + ok markus@ 20080604 - (djm) [openbsd-compat/bsd-arc4random.c] Fix math bug that caused bias @@ -4042,4 +4047,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.4940 2008/06/08 02:53:20 dtucker Exp $ +$Id: ChangeLog,v 1.4941 2008/06/08 02:54:29 dtucker Exp $ diff --git a/ssh-keygen.c b/ssh-keygen.c index 69b16e6f5..a03c6575d 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.165 2008/01/19 22:37:19 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.166 2008/05/19 15:46:31 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -600,12 +600,24 @@ do_fingerprint(struct passwd *pw) static void print_host(FILE *f, const char *name, Key *public, int hash) { - if (hash && (name = host_hash(name, NULL, 0)) == NULL) - fatal("hash_host failed"); - fprintf(f, "%s ", name); - if (!key_write(public, f)) - fatal("key_write failed"); - fprintf(f, "\n"); + if (print_fingerprint) { + enum fp_rep rep; + enum fp_type fptype; + char *fp; + + fptype = print_bubblebabble ? SSH_FP_SHA1 : SSH_FP_MD5; + rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_HEX; + fp = key_fingerprint(public, fptype, rep); + printf("%u %s %s\n", key_size(public), fp, name); + xfree(fp); + } else { + if (hash && (name = host_hash(name, NULL, 0)) == NULL) + fatal("hash_host failed"); + fprintf(f, "%s ", name); + if (!key_write(public, f)) + fatal("key_write failed"); + fprintf(f, "\n"); + } } static void @@ -1231,6 +1243,10 @@ main(int argc, char **argv) printf("Can only have one of -p and -c.\n"); usage(); } + if (print_fingerprint && (delete_host || hash_hosts)) { + printf("Cannot use -l with -D or -R.\n"); + usage(); + } if (delete_host || hash_hosts || find_host) do_known_hosts(pw, rr_hostname); if (print_fingerprint || print_bubblebabble)