mandos-keygen --password generates malformed config with ssh-keyscan >= 9.8
Teddy Hogeborn
teddy at recompile.se
Fri Nov 15 12:00:45 CET 2024
bb <bb at tsufeki.eu> writes:
> openssh's ssh-keyscan since [version 9.8][1] includes comments in
> standard output:
>
> $ ssh-keyscan -t ecdsa-sha2-nistp256 localhost 2>/dev/null
> # localhost:22 SSH-2.0-OpenSSH_9.9p1 Debian-3
> localhost ecdsa-sha2-nistp256 AAAA...4=
>
> This causes mandos-keygen --password to emit malformed config:
> ssh_fingerprint includes both lines, second one is not indented.
> Checker command would not work well with such value anyway.
>
> Precisely, packages I used are from Debian testing amd64:
>
> * mandos-client 1.8.17-1
> * openssh-client 1:9.9p1-3
Thank you! Fixed in trunk.
/Teddy Hogeborn
--
The Mandos Project
https://www.recompile.se/mandos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 861 bytes
Desc: not available
URL: <http://mail.recompile.se/pipermail/mandos-dev/attachments/20241115/a88785f9/attachment.sig>
More information about the Mandos-Dev
mailing list