upstream: allow ssh-keyscan to find security key hostkeys
OpenBSD-Commit-ID: 1fe822a7f714df19a7e7184e3a3bbfbf546811d3
parent
56584cce75
commit
9b6e30b96b
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: ssh-keyscan.c,v 1.130 2019/09/06 05:23:55 djm Exp $ */
|
||||
/* $OpenBSD: ssh-keyscan.c,v 1.131 2019/12/15 19:47:10 djm Exp $ */
|
||||
/*
|
||||
* Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
|
||||
*
|
||||
|
@ -61,12 +61,14 @@ int ssh_port = SSH_DEFAULT_PORT;
|
|||
#define KT_ECDSA (1<<2)
|
||||
#define KT_ED25519 (1<<3)
|
||||
#define KT_XMSS (1<<4)
|
||||
#define KT_ECDSA_SK (1<<5)
|
||||
#define KT_ED25519_SK (1<<6)
|
||||
|
||||
#define KT_MIN KT_DSA
|
||||
#define KT_MAX KT_XMSS
|
||||
#define KT_MAX KT_ED25519_SK
|
||||
|
||||
int get_cert = 0;
|
||||
int get_keytypes = KT_RSA|KT_ECDSA|KT_ED25519;
|
||||
int get_keytypes = KT_RSA|KT_ECDSA|KT_ED25519|KT_ECDSA_SK|KT_ED25519_SK;
|
||||
|
||||
int hash_hosts = 0; /* Hash hostname on output */
|
||||
|
||||
|
@ -259,6 +261,16 @@ keygrab_ssh2(con *c)
|
|||
"ecdsa-sha2-nistp384,"
|
||||
"ecdsa-sha2-nistp521";
|
||||
break;
|
||||
case KT_ECDSA_SK:
|
||||
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ?
|
||||
"sk-ecdsa-sha2-nistp256-cert-v01@openssh.com" :
|
||||
"sk-ecdsa-sha2-nistp256@openssh.com";
|
||||
break;
|
||||
case KT_ED25519_SK:
|
||||
myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ?
|
||||
"sk-ssh-ed25519-cert-v01@openssh.com" :
|
||||
"sk-ssh-ed25519@openssh.com";
|
||||
break;
|
||||
default:
|
||||
fatal("unknown key type %d", c->c_keytype);
|
||||
break;
|
||||
|
@ -735,6 +747,12 @@ main(int argc, char **argv)
|
|||
case KEY_XMSS:
|
||||
get_keytypes |= KT_XMSS;
|
||||
break;
|
||||
case KEY_ED25519_SK:
|
||||
get_keytypes |= KT_ED25519_SK;
|
||||
break;
|
||||
case KEY_ECDSA_SK:
|
||||
get_keytypes |= KT_ECDSA_SK;
|
||||
break;
|
||||
case KEY_UNSPEC:
|
||||
default:
|
||||
fatal("Unknown key type \"%s\"", tname);
|
||||
|
|
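Review bot: The new default `get_keytypes = KT_RSA|KT_ECDSA|KT_ED25519|KT_ECDSA_SK|KT_ED25519_SK` changes what an unqualified scan does, and nothing visible on this page documents that. `keygrab_ssh2()` sets a single `PROPOSAL_SERVER_HOST_KEY_ALGS` value per connection, chosen by `c->c_keytype`, so each scanned host presumably now gets two more connection attempts; hosts without security-key host keys would be expected to refuse these at key exchange. I would add a comment above the default, for example `/* default scan set: one connection per type; sk-* types will not match on hosts without security-key host keys */`, and confirm that the `-t` documentation lists the new type names and the new default. A short comment on `KT_MAX` stating that it must remain the highest `KT_*` bit would also help whoever adds the next key type. The bodies of `keygrab_ssh2()` and `main()` continue outside the hunks shown here.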