- grunk@cvs.openbsd.org 2008/06/11 22:20:46

[ssh-keygen.c ssh-keygen.1]
     ssh-keygen would write fingerprints to STDOUT, and random art to STDERR,
     that is not how it was envisioned.
     Also correct manpage saying that -v is needed along with -l for it to work.
     spotted by naddy@

ChangeLog

@@ -28,6 +28,12 @@
      [ssh-keygen.c]
      ssh-keygen -lv -f /etc/ssh/ssh_host_rsa_key.pub
      would not display you the random art as intended, spotted by canacar@
+   - grunk@cvs.openbsd.org 2008/06/11 22:20:46
+     [ssh-keygen.c ssh-keygen.1]
+     ssh-keygen would write fingerprints to STDOUT, and random art to STDERR,
+     that is not how it was envisioned.
+     Also correct manpage saying that -v is needed along with -l for it to work.
+     spotted by naddy@
 
 20080611
  - (djm) [channels.c configure.ac]
@@ -4190,4 +4196,4 @@
    OpenServer 6 and add osr5bigcrypt support so when someone migrates
    passwords between UnixWare and OpenServer they will still work. OK dtucker@
 
-$Id: ChangeLog,v 1.4970 2008/06/12 18:42:14 dtucker Exp $
+$Id: ChangeLog,v 1.4971 2008/06/12 18:43:15 dtucker Exp $

ssh-keygen.1

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.76 2008/06/11 21:01:35 grunk Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.77 2008/06/11 22:20:46 grunk Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -257,7 +257,10 @@ RFC 4716 SSH Public Key File Format.
 This option allows importing keys from several commercial
 SSH implementations.
 .It Fl l
-Show fingerprint and ASCII art representation of specified public key file.
+Show fingerprint of specified public key file.
+If invoked along with
+.Fl v ,
+an ASCII art representation of the key is supplied with the fingerprint.
 Private RSA1 keys are also supported.
 For RSA and DSA keys
 .Nm

ssh-keygen.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.168 2008/06/11 21:38:25 grunk Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.169 2008/06/11 22:20:46 grunk Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -72,6 +72,8 @@ int change_comment = 0;
 
 int quiet = 0;
 
+int log_level = SYSLOG_LEVEL_INFO;
+
 /* Flag indicating that we want to hash a known_hosts file */
 int hash_hosts = 0;
 /* Flag indicating that we want lookup a host in known_hosts file */
@@ -524,7 +526,8 @@ do_fingerprint(struct passwd *pw)
 		fp = key_fingerprint(public, fptype, rep);
 		ra = key_fingerprint(public, fptype, SSH_FP_RANDOMART);
 		printf("%u %s %s\n", key_size(public), fp, comment);
-		verbose("%s", ra);
+		if (log_level >= SYSLOG_LEVEL_VERBOSE)
+			printf("%s\n", ra);
 		key_free(public);
 		xfree(comment);
 		xfree(ra);
@@ -588,7 +591,8 @@ do_fingerprint(struct passwd *pw)
 			ra = key_fingerprint(public, fptype, SSH_FP_RANDOMART);
 			printf("%u %s %s\n", key_size(public), fp,
 			    comment ? comment : "no comment");
-			verbose("%s\n", ra);
+			if (log_level >= SYSLOG_LEVEL_VERBOSE)
+				printf("%s\n", ra);
 			xfree(ra);
 			xfree(fp);
 			key_free(public);
@@ -1078,7 +1082,6 @@ main(int argc, char **argv)
 	int opt, type, fd, download = 0;
 	u_int32_t memory = 0, generator_wanted = 0, trials = 100;
 	int do_gen_candidates = 0, do_screen_candidates = 0;
-	int log_level = SYSLOG_LEVEL_INFO;
 	BIGNUM *start = NULL;
 	FILE *f;
 	const char *errstr;