On Tue, 8 Sep 2020, Patrik Lundin wrote: > Hello! > > I noticed the ssh client now allows you to paste a fingerprint at the > host key verification question which I thought was pretty cool and a > welcome feature. > > When testing it out I discovered it did not care about the case of the > entered hash, and looking at sshconnect.c I see strcasecmp() is > used which explains why. > > I'm just curious if this was a deliberate decision or if it would make > sense to actually care about the case since the base64 encoded sha256 > fingerprints contains a mix of upper and lower case characters. Yes, it should be case sensitive. I have committed a fix that will be in OpenSSH 8.4. Thanks, Damien _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
