From bcb7bc77bbb1535d1008c7714085556f3065d99d Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 18 Nov 2015 08:37:28 +0000 Subject: [PATCH] upstream commit fix "ssh-keygen -l" of private key, broken in support for multiple plain keys on stdin Upstream-ID: 6b3132d2c62d03d0bad6f2bcd7e2d8b7dab5cd9d --- ssh-keygen.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/ssh-keygen.c b/ssh-keygen.c index 5c02d7817..f9091951e 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.279 2015/11/16 22:53:07 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.280 2015/11/18 08:37:28 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -861,8 +861,15 @@ fingerprint_private(const char *path) if (stat(identity_file, &st) < 0) fatal("%s: %s", path, strerror(errno)); - if ((r = sshkey_load_public(path, &public, &comment)) != 0) - fatal("Error loading public key \"%s\": %s", path, ssh_err(r)); + if ((r = sshkey_load_public(path, &public, &comment)) != 0) { + debug("load public \"%s\": %s", path, ssh_err(r)); + if ((r = sshkey_load_private(path, NULL, + &public, &comment)) != 0) { + debug("load private \"%s\": %s", path, ssh_err(r)); + fatal("%s is not a key file.", path); + } + } + fingerprint_one_key(public, comment); sshkey_free(public); free(comment); @@ -907,7 +914,7 @@ do_fingerprint(struct passwd *pw) * not reading from stdin (XXX support private keys on stdin). */ if (lnum == 1 && strcmp(identity_file, "-") != 0 && - strstr(cp, "SSH PRIVATE KEY") != NULL) { + strstr(cp, "PRIVATE KEY") != NULL) { fclose(f); fingerprint_private(path); exit(0);