On 30/06, Emmanuel Vadot wrote:
You really don't need openssl for that. And the fingerprints are simple. Here is a python script that do the same as ssh-keygen -fl /path/to/key : #!/usr/bin/env python3 import binascii import hashlib import sys if __name__ == "__main__": key = binascii.a2b_base64(sys.argv[1]) if sys.argv[2] == "md5": m = hashlib.new("md5") m.update(key) print(m.hexdigest()) elif sys.argv[2] == "sha256": m = hashlib.new("sha256") m.update(key) print(binascii.b2a_base64(m.digest()).decode("utf8")[0:-1]) Do use it in production, do some test, but the general idea is there.
That doesn't actually work for either RSA nor Ed25519 keys? Example: https://theos.kyriasis.com/~kyrias/s/mX8U0VzI5w.png -- Sincerely, Johannes Löthberg PGP Key ID: 0x50FB9B273A9D0BB5 https://theos.kyriasis.com/~kyrias/
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev