NetBSD Problem Report #51642

From www@NetBSD.org  Tue Nov 22 09:16:27 2016
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id D5AF07A2E9
	for <gnats-bugs@gnats.NetBSD.org>; Tue, 22 Nov 2016 09:16:26 +0000 (UTC)
Message-Id: <20161122091625.BA95D7A324@mollari.NetBSD.org>
Date: Tue, 22 Nov 2016 09:16:25 +0000 (UTC)
From: miod@online.fr
Reply-To: miod@online.fr
To: gnats-bugs@NetBSD.org
Subject: anoncvs mirror list should mention the sha256 key fingerprints
X-Send-Pr-Version: www-1.0

>Number:         51642
>Category:       misc
>Synopsis:       anoncvs mirror list should mention the sha256 key fingerprints
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    misc-bug-people
>State:          open
>Class:          doc-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Nov 22 09:20:01 +0000 2016
>Originator:     Miod Vallat
>Release:        
>Organization:
>Environment:
>Description:
The anoncvs mirror list (http://www.netbsd.org/mirrors/#anoncvs) only mentions the md5 fingerprints of the ssh-capable servers. However, nowadays, ssh(1) will only display the sha256 key fingerprint when connecting to the server for the first time.

Mentioning the sha256 key fingerprints on the web page would allow the fingerprint to be more easily checked.
>How-To-Repeat:
Remove anoncvs ssh key from ~/.ssh/known_hosts, then checkout or update sources with anoncvs over ssh.
>Fix:

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2014 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.