On Sun, 2015-05-24 at 12:32 -0400, Andrew Schulman wrote:
> Since the latest update to openssh, ssh-keygen's output format for key
> fingerprints has changed. The default hash algorithm is now base64-encoded
> SHA256 instead of MD5, and the hash name precedes its value, like
>
> SHA256:lvRrjAXmEhzDp5kQqzelsei8s5hXJ+zLaqJ2yiGXmYc
>
> This breaks the current logic for detecting key fingerprints in cygport's
> lib/pkg_upload.cygpart. The attached patch fixes the problem. (You might
> know
> a more precise regex for the base64-encoded hash value than I do. I couldn't
> find any documentation of it anywhere, and just settled for
>
> SHA256:.{44}
There's another problem: this is new to 6.8; any out-of-date Cygwin
systems, or even current RHEL or Fedora 21 systems, won't have this, nor
do they support the -E flag which could be used to specify md5.
Any thoughts on a better regex or on keeping compatibility with other
systems?
--
Yaakov
