GithubHelp home page GithubHelp logo

Comments (5)

offsides avatar offsides commented on June 3, 2024 1

OK, so I don't know how this happened, but somehow the base64 decoding of the openSSH key fingerprint must've gotten messed up, because in trying to get log info for you just now it does match up to what mod_sftp is logging. The only issue now is that when mod_sftp logs the key fingerprint, it's using the XX:XX:XX:... format, whereas ssh-keygen -l uses the base64 encoding of the binary key fingerprint. While that does make it a little harder to line things up, it's not a dealbreaker. I have no idea how I was getting mismatched fingerprints before, but it's not actually mismatched now so I'm just going to close this unless I run into other issues later.

from proftpd.

offsides avatar offsides commented on June 3, 2024 1

As I said, it's not a huge deal that the format isn't the same as long as the underlying data is the same. I can easily implement a way to convert the fingerprint into the format the mod_sftp uses for checking against logged values, and it's not like it's something that comes up all the time, it's more of a once in a while issue. While it would be nice if I could have it log in the openssh format, it's most definitely not a big deal.

from proftpd.

Castaglia avatar Castaglia commented on June 3, 2024

You might see if #1804 helps with the logging. Also, the fingerprints logged may depend on the SFTP client being used. For example, OpenSSH may try all of the keys in its local ssh-agent, resulting in multiple fingerprints being logged by mod_sftp, until it finds the matching/authorized key.

from proftpd.

Castaglia avatar Castaglia commented on June 3, 2024

On pondering this more, I've closed the PR. Instead, I'm hoping you can provide the logging that you see, when a client authenticates using a public key, showing the fingerprint (or maybe more than one?). Thanks!

from proftpd.

Castaglia avatar Castaglia commented on June 3, 2024

I'll ponder some option/way to configure the format/encoding used when logging these fingerprints. (The fact that ssh-keygen changed its format/encoding, without providing a way to select, is irritating.) I didn't want to just change the logging in mod_sftp, as doing so could (and probably would) break compatibility with some sites' setup.

from proftpd.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.