Re: how is the sha fingerprint generated?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Tue, 30 Jun 2015, shawn wilson wrote:

> % cat ext_rsa.pub| sed -r 's/.*(AAAA[^ ]+).*/\1/' | sha256sum
> 
>   ~/.ssh swlap1
> d4bf8b06f2d9d9af7a11583a5367205ed310a84f0dee68d062e2ddca1e85c3ff  -
>  % ssh-keygen -lf ext_rsa.pub
> 
>    ~/.ssh swlap1
> 8192 SHA256:FgrfxmdjTM/j4wwRa7nVdPSUaJdqHYMJtJ6aciPl9ug swilson@swlap1 (RSA)
> 
> Why do those differ and how would i generate the equivalent (mainly
> just curious)? I've also tried base64 and a few other substitutions at
> the end and I can't get them to match (probably would save time to
> just look at the code, but...).

it's a hash over the decoded contents of the second field of the
public key line. In python:

import base64
import hashlib
keytext=open("/tmp/r.pub").read()
keydata=keytext.split()[1]
decoded=base64.b64decode(keydata)
rawhash=hashlib.sha256(decoded).digest()
texthash=base64.b64encode(rawhash)
print texthash


_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux