X2Go Bug report logs - #1380
x2goclient shows wrong fingerprint

Reply or subscribe to this bug.

Toggle useless messages

Message #5 received at submit@bugs.x2go.org (full text, mbox, reply):

From: Christian Krause <christian.krause@idiv.de>

To: <submit@bugs.x2go.org>

Subject: x2goclient shows wrong fingerprint

Date: Mon, 1 Apr 2019 17:06:23 +0200

Package: x2goclient
Version: 4.1.2.0

The Windows version of x2goclient shows "a" wrong server key fingerprint. Both
the Linux client and PuTTY on Windows show the correct fingerprint.

x2goclient on Windows:

> The server is unknown. Do you trust the host key?
> Public key hash: SSH proxy connection error: (address omitted):22 -
> 57:a8:d5:ae:c6:9d:6a:a2:d1:4e:a4:c4:cd:51:7e:c8:72:75:51:5d

PuTTY on Windows:

> The server's host key is not cached in the registry. You have no guarantee
> that the server is the computer you think it is.
> The server's rsa2 key fingerprint is:
> ssh-rsa 2048 f3:27:28:1a:16:92:7e:a0:74:26:2f:ce:2e:54:f7:62
> If you trust this host, hit Yes to ...

On the host I'm trying to connect to:

```console
$ for i in /etc/ssh/*.pub ; do ssh-keygen -lf $i ; done
1024 27:6d:55:b1:f0:60:b6:06:ea:49:a1:c7:d5:4f:60:e9
/etc/ssh/ssh_host_dsa_key.pub (DSA)
2048 0e:68:68:d6:ed:be:d2:11:2f:11:60:41:97:b4:15:33 /etc/ssh/ssh_host_key.pub
(RSA1)
2048 f3:27:28:1a:16:92:7e:a0:74:26:2f:ce:2e:54:f7:62
/etc/ssh/ssh_host_rsa_key.pub (RSA)
```

Note: It's also really hard to figure out for which key x2go is trying to show
me the fingerprint. Both PuTTY and OpenSSH show the key type, so it's really
obvious. With x2go, I have to guess. (That's worth a different bug report, I know.)

-- 
Christian Krause

Scientific Computing Administration and Support

-------------------------------------------------------------------------------

Email: christian.krause@idiv.de

Office: BioCity Leipzig 5e, Room 3.201.3

Phone: +49 341 97 33144

-------------------------------------------------------------------------------

German Centre for Integrative Biodiversity Research (iDiv) Halle-Jena-Leipzig

Deutscher Platz 5e

04103 Leipzig

Germany

-------------------------------------------------------------------------------

iDiv is a research centre of the DFG – Deutsche Forschungsgemeinschaft

iDiv ist eine zentrale Einrichtung der Universität Leipzig im Sinne des § 92
Abs. 1 SächsHSFG und wird zusammen mit der Martin-Luther-Universität
Halle-Wittenberg und der Friedrich-Schiller-Universität Jena betrieben sowie in
Kooperation mit dem Helmholtz-Zentrum für Umweltforschung GmbH – UFZ.
Beteiligte Kooperationspartner sind die folgenden außeruniversitären
Forschungseinrichtungen: das Helmholtz-Zentrum für Umweltforschung GmbH - UFZ,
das Max-Planck-Institut für Biogeochemie (MPI BGC), das Max-Planck-Institut für
chemische Ökologie (MPI CE), das Max-Planck-Institut für evolutionäre
Anthropologie (MPI EVA), das Leibniz-Institut Deutsche Sammlung von
Mikroorganismen und Zellkulturen (DSMZ), das Leibniz-Institut für
Pflanzenbiochemie (IPB), das Leibniz-Institut für Pflanzengenetik und
Kulturpflanzenforschung (IPK) und das Leibniz-Institut Senckenberg Museum für
Naturkunde Görlitz (SMNG). USt-IdNr. DE 141510383

Message #10 received at 1380@bugs.x2go.org (full text, mbox, reply):

From: Frank Lenaerts <frank.lenaerts@sckcen.be>

To: <1380@bugs.x2go.org>

Subject: fingerprint in Windows x2goclient

Date: Wed, 23 Oct 2019 15:59:59 +0200

Hi

I also couldn't immediately map the fingerprint that the x2goclient on
Windows shows. It didn't match the usual[*] fingerprints and shows a
longer (320 instead of 256 bits) one. That one though, can be derived
from the public host keys as follows:

for x in /etc/ssh/*.pub ; do echo $x && cut -d' ' -f2 < $x | base64 -d | openssl sha1 -c ; done ;

In my case, it matched the ED25519 one.

[*] The ones you can get with ssh-keygen(1) for users to check.

-- 
Kind regards

Frank Lenaerts
SCK·CEN / ICT Group
Boeretang 200
B-2400 Mol
Belgium
Tel.: +3214338723

Send a report that this bug log contains spam.