It does works with rsa, ecdsa and ed25519. For ed25519 you may need to remove the extra = (base64 padding byte) at the end of the sum. And I've been lying when I said it does the same as ssh-keygen -fl, the first argument must be the public key not the path. On Tue, 30 Jun 2015 18:43:36 +0200 Johannes Löthberg <johannes@xxxxxxxxxxxx> wrote: > On 30/06, Emmanuel Vadot wrote: > > > > You really don't need openssl for that. > > > > And the fingerprints are simple. > > Here is a python script that do the same as ssh-keygen > >-fl /path/to/key : > > > >#!/usr/bin/env python3 > > > >import binascii > >import hashlib > >import sys > > > >if __name__ == "__main__": > > key = binascii.a2b_base64(sys.argv[1]) > > if sys.argv[2] == "md5": > > m = hashlib.new("md5") > > m.update(key) > > print(m.hexdigest()) > > elif sys.argv[2] == "sha256": > > m = hashlib.new("sha256") > > m.update(key) > > print(binascii.b2a_base64(m.digest()).decode("utf8")[0:-1]) > > > > Do use it in production, do some test, but the general idea is there. > > > > That doesn't actually work for either RSA nor Ed25519 keys? > > Example: https://theos.kyriasis.com/~kyrias/s/mX8U0VzI5w.png > > -- > Sincerely, > Johannes Löthberg > PGP Key ID: 0x50FB9B273A9D0BB5 > https://theos.kyriasis.com/~kyrias/ -- Emmanuel Vadot <elbarto@xxxxxxxxx> _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev