Hello!
I noticed the ssh client now allows you to paste a fingerprint at the
host key verification question which I thought was pretty cool and a
welcome feature.
When testing it out I discovered it did not care about the case of the
entered hash, and looking at sshconnect.c I see strcasecmp() is
used which explains why.
I'm just curious if this was a deliberate decision or if it would make
sense to actually care about the case since the base64 encoded sha256
fingerprints contains a mix of upper and lower case characters.
Regards,
Patrik Lundin
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
I noticed the ssh client now allows you to paste a fingerprint at the
host key verification question which I thought was pretty cool and a
welcome feature.
When testing it out I discovered it did not care about the case of the
entered hash, and looking at sshconnect.c I see strcasecmp() is
used which explains why.
I'm just curious if this was a deliberate decision or if it would make
sense to actually care about the case since the base64 encoded sha256
fingerprints contains a mix of upper and lower case characters.
Regards,
Patrik Lundin
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev