On Tue, Jun 30, 2015 at 10:12 AM, Johannes Löthberg <johannes@xxxxxxxxxxxx> wrote: > On 30/06, Johannes Löthberg wrote: >> >> On 30/06, shawn wilson wrote: >>> >>> % cat ext_rsa.pub| sed -r 's/.*(AAAA[^ ]+).*/\1/' | sha256sum >>> >>> ~/.ssh swlap1 >>> d4bf8b06f2d9d9af7a11583a5367205ed310a84f0dee68d062e2ddca1e85c3ff - >>> % ssh-keygen -lf ext_rsa.pub >>> >>> ~/.ssh swlap1 >>> 8192 SHA256:FgrfxmdjTM/j4wwRa7nVdPSUaJdqHYMJtJ6aciPl9ug swilson@swlap1 >>> (RSA) >>> >>> Why do those differ and how would i generate the equivalent (mainly >>> just curious)? I've also tried base64 and a few other substitutions at >>> the end and I can't get them to match (probably would save time to >>> just look at the code, but...). >> >> >> It's not simply a checksum of the key file. You need to extract the >> exponent and prime from the public key, then append those to a specific >> string of bits, then get a SHA256 digest of that, and then base64 encode >> that. >> >> https://github.com/kyrias/bin/blob/master/ssh-gen-fprint has an example >> implementation of `ssh-keygen -lf` in Ruby. >> > > Oh, and support for ECC keys aren't implemented because OpenSSL doesn't > support it yet. :/ > Heh, I noticed that- makes sense :) And thanks _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
