Created
March 8, 2012 13:58
-
-
Save endemics/2001086 to your computer and use it in GitHub Desktop.
authkeys-report - create a table with ssh keys type/strength/finger print from authorized_keys. no known licence, copied from http://unix.stackexchange.com/questions/2116/given-keys-in-ssh-authorized-keys-format-can-you-determine-key-strength-easi
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# usage: authkeys-report <authorized_keys-file> | |
set -ue | |
tmp="$(mktemp -t fingerprint-authkeys.XXXXXXXX)" | |
trap 'rm -f "$tmp"' 0 | |
while read opts key; do | |
case "$opts" in | |
[0-9]*|ssh-dss|ssh-rsa) | |
# not options, first "word" is part of key | |
key="$opts $key" | |
;; | |
esac | |
echo "$key" >$tmp | |
set -- $(ssh-keygen -lf "$tmp") | |
bits="$1" fingerprint="$2" | |
set -- $key # Note: will mangle whitespace in the comment | |
case "$1" in | |
[0-9]*) # SSH v1 key | |
type=rsa1 | |
shift 3 | |
;; | |
ssh-rsa|ssh-dss) # SSH v2 key | |
type="$1" | |
shift 2 | |
;; | |
*) | |
type=unknown | |
set -- | |
;; | |
esac | |
printf '%-14s %-9s %s %s\n' "$type" "$bits" "$fingerprint" "$*" | |
done <$1 |
On Wed, Mar 14, 2012 at 8:39 PM, Shawn Willden ***@***.*** wrote:
I believe ssh-keygen -l produces MD5 fingerprints, not SHA1 fingerprints. So if you need SHA1, this won't do it.
---
Reply to this email directly or view it on GitHub:
https://gist.github.com/2001086
Mmh true the fingerprint seems top be MD5. I blindly copied the info
from the stack exchange page without checking.
I've just edited the gist presentation to remove mention of the
hashing protocol to correct that.
Cheers
Gildas
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I believe ssh-keygen -l produces MD5 fingerprints, not SHA1 fingerprints. So if you need SHA1, this won't do it.