Secure Shell
Way to print fingerprint of a key in your known_hosts file? Jun 23 2010 03:39AM
Dan Mahoney, System Admin (danm prime gushi org)
Hello there,

The subject line says it all, really. How can I take a line from my
known-hosts file, and print the fingerprint of the thing.

Right now, I can extract it from my known-hosts file with ssh-keygen -F
and redirect that to a temporary file, and then run ssh-keygen -l, over
it, or ssh-keygen -l -v, or ssh-keygen -B...

I note that -l will not print a fingerprint if -B is on the same line. -B
seems to override -l (regardsless of which comes first).

I also note that -v prints the ascii art representation when used with -B
alone, though the manpage makes no reference to this intercompatibility.

Regardless, doing it in one sweep (extracting and fingerprinting) still
requires that intermediate step. ssh-keygen doesn't seem to accept the
standard -f - (stdin) argument, nor can I say -f /dev/stdin

So I suppose there are a few questions.

1) Does anyone have a better way to do this?

2) Is it worth filing feature requests to modify -f to accept stdin?

3) Is it worth filing a feature request to make -l and -B usable in the
same command?

4) Or in fact for those commands to work with -F, meaning "find any key
matching foo in my known_hosts and print the fingerprint in this format".

-Dan Mahoney


"There is no right and wrong, there is only fun and boring."

-Fisher Stevens, "Hackers"

--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus