diff options
author | Ryan Harper <ryan.harper@canonical.com> | 2020-01-27 17:41:49 +0200 |
---|---|---|
committer | Daniel Watkins <oddbloke@ubuntu.com> | 2020-01-27 10:41:49 -0500 |
commit | 28aa8c5a16b67ea0226734eeadfa2c467701899d (patch) | |
tree | b9550e577396f192107874ed18ecafe1851f9615 | |
parent | c99cfb21164b24644fec56013449b2b1e3b54fb3 (diff) | |
download | vyos-cloud-init-28aa8c5a16b67ea0226734eeadfa2c467701899d.tar.gz vyos-cloud-init-28aa8c5a16b67ea0226734eeadfa2c467701899d.zip |
Print ssh key fingerprints using sha256 hash (#188)
LP: #1860789
-rwxr-xr-x | cloudinit/config/cc_ssh_authkey_fingerprints.py | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/cloudinit/config/cc_ssh_authkey_fingerprints.py b/cloudinit/config/cc_ssh_authkey_fingerprints.py index dcf86fdc..7ac1c8cf 100755 --- a/cloudinit/config/cc_ssh_authkey_fingerprints.py +++ b/cloudinit/config/cc_ssh_authkey_fingerprints.py @@ -11,7 +11,7 @@ SSH Authkey Fingerprints Write fingerprints of authorized keys for each user to log. This is enabled by default, but can be disabled using ``no_ssh_fingerprints``. The hash type for -the keys can be specified, but defaults to ``md5``. +the keys can be specified, but defaults to ``sha256``. **Internal name:** `` cc_ssh_authkey_fingerprints`` @@ -42,7 +42,7 @@ def _split_hash(bin_hash): return split_up -def _gen_fingerprint(b64_text, hash_meth='md5'): +def _gen_fingerprint(b64_text, hash_meth='sha256'): if not b64_text: return '' # TBD(harlowja): Maybe we should feed this into 'ssh -lf'? @@ -65,7 +65,7 @@ def _is_printable_key(entry): return False -def _pprint_key_entries(user, key_fn, key_entries, hash_meth='md5', +def _pprint_key_entries(user, key_fn, key_entries, hash_meth='sha256', prefix='ci-info: '): if not key_entries: message = ("%sno authorized SSH keys fingerprints found for user %s.\n" @@ -101,7 +101,7 @@ def handle(name, cfg, cloud, log, _args): "logging of SSH fingerprints disabled"), name) return - hash_meth = util.get_cfg_option_str(cfg, "authkey_hash", "md5") + hash_meth = util.get_cfg_option_str(cfg, "authkey_hash", "sha256") (users, _groups) = ug_util.normalize_users_groups(cfg, cloud.distro) for (user_name, _cfg) in users.items(): (key_fn, key_entries) = ssh_util.extract_authorized_keys(user_name) |