From owner-freebsd-bugbusters@FreeBSD.ORG  Thu Aug 15 21:40:16 2013
Return-Path: <owner-freebsd-bugbusters@FreeBSD.ORG>
Delivered-To: bugbusters@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id AD245BA5;
 Thu, 15 Aug 2013 21:40:16 +0000 (UTC)
 (envelope-from holz@net.in.tum.de)
Received: from smtp.serverkommune.de (serverkommune.de [176.9.61.43])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 68B352B79;
 Thu, 15 Aug 2013 21:40:15 +0000 (UTC)
Received: by smtp.serverkommune.de (Postfix, from userid 5001)
 id 58965803A4; Thu, 15 Aug 2013 23:40:14 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on ex6.serverkommune.de
X-Spam-Level: 
X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00
 autolearn=ham version=3.3.1
Received: from [192.168.178.34] (ex6.serverkommune.de [176.9.61.43])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by smtp.serverkommune.de (Postfix) with ESMTPSA id 83B7580047;
 Thu, 15 Aug 2013 23:40:13 +0200 (CEST)
Message-ID: <520D4AE5.50805@net.in.tum.de>
Date: Thu, 15 Aug 2013 23:40:53 +0200
From: Ralph Holz <holz@net.in.tum.de>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:17.0) Gecko/20130801 Thunderbird/17.0.8
MIME-Version: 1.0
To: Gavin Atkinson <gavin@FreeBSD.org>, bugbusters@FreeBSD.org
Subject: Re: Wrong SSHFP on FreeBSD servers
References: <520CDDB5.8080307@net.in.tum.de>
 <alpine.BSF.2.00.1308151749460.88779@thunderhorn.york.ac.uk>
In-Reply-To: <alpine.BSF.2.00.1308151749460.88779@thunderhorn.york.ac.uk>
X-Enigmail-Version: 1.5.2
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: clamav-milter 0.97.8 at ex6
X-Virus-Status: Clean
X-BeenThere: freebsd-bugbusters@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Coordination of the Problem Report handling effort."
 <freebsd-bugbusters.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-bugbusters>, 
 <mailto:freebsd-bugbusters-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugbusters>
List-Post: <mailto:freebsd-bugbusters@freebsd.org>
List-Help: <mailto:freebsd-bugbusters-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugbusters>, 
 <mailto:freebsd-bugbusters-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Aug 2013 21:40:16 -0000

Hi Gavin,

As an addendum to my last mail: I have just found out that the way the
fingerprints are stored in SSHFP does not seem to reflect the same kind
of hash value that is displayed to the user. Ouch. I had a
too-simplistic conversion between the two - that must have been the
source of the mismatch.

I am going to investigate this tomorrow and must have a closer look at
the SSHFP RFC.

Sorry for the trouble!

Ralph

-- 
Ralph Holz
I8 - Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/
Phone +49.89.289.18043
PGP: A805 D19C E23E 6BBB E0C4  86DC 520E 0C83 69B0 03EF