ydns / bash-updater

YDNS Bash Updater Script
GNU General Public License v3.0
82 stars 43 forks source link

ydns refuses to take SSHFP algorithm 4 claiming it's invalid and saying that valid are 1 to 3 #34

Closed Mikaela closed 9 years ago

Mikaela commented 9 years ago

I am not sure if this is correct place, but the contact page linked me here.

When I run ssh-keygen -r elorn on one of my hosts, I receive the following output:

elorn IN SSHFP 1 1 b8d7385797bbc3dcc3176d0789dcd63a8e885c91
elorn IN SSHFP 1 2 3ed5a28fe17b8843f8ed3d32a5288f0261ade10945d56084ebc4eab9d8aab419
elorn IN SSHFP 2 1 aa79e4a1e49da833866084d6f2db50745d6b7d5f
elorn IN SSHFP 2 2 99a7bd84e04e201826ab0b69820c806573a6cfc7307d04dac085e91d6861de9f
elorn IN SSHFP 3 1 42b8be9df343417e8bda3295962f6003699aa559
elorn IN SSHFP 3 2 eb3ffb92f63e05e9a53fda0dffe0514e0aa44d4563cec0e95dfdbe92e3f57f10
elorn IN SSHFP 4 1 de1a0fa9ff1a3002fa197bda09607970493a98a5
elorn IN SSHFP 4 2 63e3c82150f189eb15c395d583331ddb266af7619885e3ee6dfc151a7d08b8d3

ydns.eu agreed to take all the others except the two last which it claims to be invalid. However they are valid and it means algorithm Ed25519 according to https://www.iana.org/assignments/dns-sshfp-rr-parameters/dns-sshfp-rr-parameters.xml.

commx commented 9 years ago

Hi, algo 4 (Ed2551) refers to RFC7479 in your link, which is a pretty new RFC. The algo was not present when I added the validation functions for SSHFP, so I may add the new algorithm later today.

commx commented 9 years ago

The updated has been applied.