freeipa

Clone
Source Code
GIT

#4789 CLI doesn't show SSHFP records with SHA256 added via nsupdate (regression)
Closed: Fixed None Opened 9 years ago by mbasti.

Closed: Fixed
Reopen Issue

Error is caused by extra whitespace, which is added by named/nsupdate in fingerprint part.

$ dig ipa.example.com. sshfp
...
;; ANSWER SECTION:
ipa.example.com. 1200   IN  SSHFP   1 2 37BF6366A44B67F6CA8FF8A8313B7C964CEA971CCB3E092D775FDF08 2170AAA4
ipa.example.com. 1200   IN  SSHFP   3 1 3651173F6737DF24EB6494434AC5968B3C90B749
ipa.example.com. 1200   IN  SSHFP   1 1 8FD003E98D818E4E2813672234410835AB5844AC
ipa.example.com. 1200   IN  SSHFP   3 2 97EF4030A9DD471A3D4730A819B3A662E11994BB20AFC56FC3875AB1 662260BF
....

$ ipa dnsrecord-show example.com. ipa
  Record name: ipa
  SSHFP record: 1 1 8FD003E98D818E4E2813672234410835AB5844AC, 3 1 3651173F6737DF24EB6494434AC5968B3C90B749
...

$ ipa dnsrecord-show example.com ipa --raw
  idnsname: ipa
  sshfprecord: 1 1 8FD003E98D818E4E2813672234410835AB5844AC
  sshfprecord: 1 2 37BF6366A44B67F6CA8FF8A8313B7C964CEA971CCB3E092D775FDF08 2170AAA4
  sshfprecord: 3 1 3651173F6737DF24EB6494434AC5968B3C90B749
  sshfprecord: 3 2 97EF4030A9DD471A3D4730A819B3A662E11994BB20AFC56FC3875AB1 662260BF
...

This SHA256 fingerprints was added in: https://fedorahosted.org/freeipa/ticket/2642

Regression is caused probably by IDNA support.

Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1172578

master:

  • b5ff0b9 Show SSHFP record containing space in fingerprint

ipa-4-1:

  • d229c4a Show SSHFP record containing space in fingerprint

Metadata Update from @mbasti:
- Issue assigned to mbasti
- Issue set to the milestone: FreeIPA 4.1.3
7 years ago

Login to comment on this ticket.

Metadata
None
None
None
normal
None
None
None
None
defect
None
None
DNS
None
1
None
None
jcholast
None
https://bugzilla.redhat.com/show_bug.cgi?id=1172578
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.