misc/51642: anoncvs mirror list should mention the sha256 key fingerprints

To: misc-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: misc/51642: anoncvs mirror list should mention the sha256 key fingerprints
From: miod%online.fr@localhost
Date: Tue, 22 Nov 2016 09:20:01 +0000 (UTC)

>Number:         51642
>Category:       misc
>Synopsis:       anoncvs mirror list should mention the sha256 key fingerprints
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    misc-bug-people
>State:          open
>Class:          doc-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Nov 22 09:20:01 +0000 2016
>Originator:     Miod Vallat
>Release:        
>Organization:
>Environment:
>Description:
The anoncvs mirror list (http://www.netbsd.org/mirrors/#anoncvs) only mentions the md5 fingerprints of the ssh-capable servers. However, nowadays, ssh(1) will only display the sha256 key fingerprint when connecting to the server for the first time.

Mentioning the sha256 key fingerprints on the web page would allow the fingerprint to be more easily checked.
>How-To-Repeat:
Remove anoncvs ssh key from ~/.ssh/known_hosts, then checkout or update sources with anoncvs over ssh.
>Fix:

Prev by Date: PR/51641 CVS commit: src/sys/dev/scsipi
Next by Date: PR/51531 CVS commit: src/usr.sbin/sysinst
Previous by Thread: PR/51641 CVS commit: src/sys/dev/scsipi
Next by Thread: PR/51531 CVS commit: src/usr.sbin/sysinst
Indexes:

Home | Main Index | Thread Index | Old Index