[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#709493: openssh-client: [ssh-keygen] -r always gives same answer

On Thu, May 23, 2013 at 05:56:56PM +0200, Casper Gielen wrote:
> ssh-keygen -r appears to always give the same answer:
> 
> cgielen@drop:~$ ssh-keygen  -r abc
> abc IN SSHFP 1 1 3d028ca3dd0789fd7513819f30a1b2265d2d71d5
> abc IN SSHFP 1 2
> d1a4402f2f086c8354eaf2d9735a151b6e09a608139cf44d101a98aff1e9c3cd
> abc IN SSHFP 2 1 a876f8f071c7b65c1fe12403250dff66102d087a
> abc IN SSHFP 2 2
> 6ca23f4d36aca3c894498762ed11d1cda097f5be6fe73150e46de9a327305712

The documentation is perhaps confusing.  What this option means is
"print SSHFP records for my current set of host keys, with the argument
to -r as the host name so that I can copy and paste it into zone files".
You'll find that if you add an -f option and supply each of
/etc/ssh/ssh_host_*_key.pub as an argument to that, you'll get output
matching each of the pairs of lines above; or you can use other files,
although this option only makes sense with host keys, and you'd only
normally write DNS resource records for hosts you control.

Was this actually what you were trying to do?

Cheers,

-- 
Colin Watson                                       [cjwatson@debian.org]
Reply to: