Skip to content
Snippets Groups Projects
Commit d9f4e83e authored by Niall Sheridan's avatar Niall Sheridan
Browse files

Log SHA256 fingerprints

parent f1fcf2a4
Branches
Tags
No related merge requests found
package signer package signer
import ( import (
"crypto/md5"
"crypto/rand" "crypto/rand"
"fmt" "fmt"
"log" "log"
"strings"
"time" "time"
"go4.org/wkfs" "go4.org/wkfs"
...@@ -49,7 +47,7 @@ func (s *KeySigner) SignUserKey(req *lib.SignRequest, username string) (*ssh.Cer ...@@ -49,7 +47,7 @@ func (s *KeySigner) SignUserKey(req *lib.SignRequest, username string) (*ssh.Cer
if err := cert.SignCert(rand.Reader, s.ca); err != nil { if err := cert.SignCert(rand.Reader, s.ca); err != nil {
return nil, err return nil, err
} }
log.Printf("Issued cert id: %s principals: %s fp: %s valid until: %s\n", cert.KeyId, cert.ValidPrincipals, fingerprint(pubkey), time.Unix(int64(cert.ValidBefore), 0).UTC()) log.Printf("Issued cert id: %s principals: %s fp: %s valid until: %s\n", cert.KeyId, cert.ValidPrincipals, ssh.FingerprintSHA256(pubkey), time.Unix(int64(cert.ValidBefore), 0).UTC())
return cert, nil return cert, nil
} }
...@@ -107,10 +105,3 @@ func New(conf *config.SSH) (*KeySigner, error) { ...@@ -107,10 +105,3 @@ func New(conf *config.SSH) (*KeySigner, error) {
permissions: makeperms(conf.Permissions), permissions: makeperms(conf.Permissions),
}, nil }, nil
} }
func fingerprint(pubkey ssh.PublicKey) string {
md5String := md5.New()
md5String.Write(pubkey.Marshal())
fp := fmt.Sprintf("% x", md5String.Sum(nil))
return strings.Replace(fp, " ", ":", -1)
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment