Re: how is the sha fingerprint generated?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 30/06, Emmanuel Vadot wrote:

You really don't need openssl for that.

And the fingerprints are simple.
Here is a python script that do the same as ssh-keygen
-fl /path/to/key :

#!/usr/bin/env python3

import binascii
import hashlib
import sys

if __name__ == "__main__":
   key = binascii.a2b_base64(sys.argv[1])
   if sys.argv[2] == "md5":
       m = hashlib.new("md5")
       m.update(key)
       print(m.hexdigest())
   elif sys.argv[2] == "sha256":
       m = hashlib.new("sha256")
       m.update(key)
       print(binascii.b2a_base64(m.digest()).decode("utf8")[0:-1])

Do use it in production, do some test, but the general idea is there.


That doesn't actually work for either RSA nor Ed25519 keys?

Example: https://theos.kyriasis.com/~kyrias/s/mX8U0VzI5w.png

--
Sincerely,
 Johannes Löthberg
 PGP Key ID: 0x50FB9B273A9D0BB5
 https://theos.kyriasis.com/~kyrias/

Attachment: signature.asc
Description: PGP signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux