summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRyan Harper <ryan.harper@canonical.com>2020-01-27 17:41:49 +0200
committerDaniel Watkins <oddbloke@ubuntu.com>2020-01-27 10:41:49 -0500
commit28aa8c5a16b67ea0226734eeadfa2c467701899d (patch)
treeb9550e577396f192107874ed18ecafe1851f9615
parentc99cfb21164b24644fec56013449b2b1e3b54fb3 (diff)
downloadvyos-cloud-init-28aa8c5a16b67ea0226734eeadfa2c467701899d.tar.gz
vyos-cloud-init-28aa8c5a16b67ea0226734eeadfa2c467701899d.zip
Print ssh key fingerprints using sha256 hash (#188)
LP: #1860789
-rwxr-xr-xcloudinit/config/cc_ssh_authkey_fingerprints.py8
1 files changed, 4 insertions, 4 deletions
diff --git a/cloudinit/config/cc_ssh_authkey_fingerprints.py b/cloudinit/config/cc_ssh_authkey_fingerprints.py
index dcf86fdc..7ac1c8cf 100755
--- a/cloudinit/config/cc_ssh_authkey_fingerprints.py
+++ b/cloudinit/config/cc_ssh_authkey_fingerprints.py
@@ -11,7 +11,7 @@ SSH Authkey Fingerprints
Write fingerprints of authorized keys for each user to log. This is enabled by
default, but can be disabled using ``no_ssh_fingerprints``. The hash type for
-the keys can be specified, but defaults to ``md5``.
+the keys can be specified, but defaults to ``sha256``.
**Internal name:** `` cc_ssh_authkey_fingerprints``
@@ -42,7 +42,7 @@ def _split_hash(bin_hash):
return split_up
-def _gen_fingerprint(b64_text, hash_meth='md5'):
+def _gen_fingerprint(b64_text, hash_meth='sha256'):
if not b64_text:
return ''
# TBD(harlowja): Maybe we should feed this into 'ssh -lf'?
@@ -65,7 +65,7 @@ def _is_printable_key(entry):
return False
-def _pprint_key_entries(user, key_fn, key_entries, hash_meth='md5',
+def _pprint_key_entries(user, key_fn, key_entries, hash_meth='sha256',
prefix='ci-info: '):
if not key_entries:
message = ("%sno authorized SSH keys fingerprints found for user %s.\n"
@@ -101,7 +101,7 @@ def handle(name, cfg, cloud, log, _args):
"logging of SSH fingerprints disabled"), name)
return
- hash_meth = util.get_cfg_option_str(cfg, "authkey_hash", "md5")
+ hash_meth = util.get_cfg_option_str(cfg, "authkey_hash", "sha256")
(users, _groups) = ug_util.normalize_users_groups(cfg, cloud.distro)
for (user_name, _cfg) in users.items():
(key_fn, key_entries) = ssh_util.extract_authorized_keys(user_name)