Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

ed25519 fingerprint mismatch because of extra padding from AWS `=`

1

Hello. I'm encountering an interesting scenario where the generated fingerprint for my imported/created ed25519 SSH key is different from the one reported by ssh-keygen.

For example:

ssh-keygen:

64OuseEfObM7yYiEyK7u42qN1kHj6/JGnpro1XqO4pM

And AWS generated the fingerprint:

64OuseEfObM7yYiEyK7u42qN1kHj6/JGnpro1XqO4pM=

So, there is extra padding for some reason. Does anyone know why that is so?

Cheers, Gergely.

Themen
Kalkulation
Tags
Amazon EC2
Sprache
English
Gergely
gefragt vor 2 Jahren323 Aufrufe
2 Antworten
1

I got it.

From other posts here as well, but the answer is that they are using a base64 sha256 openssl combo like this:

$ cat ~/.ssh/ec2-key.pub | base64 -w0 -d | openssl dgst -binary -sha256 | base64 -w0; echo

Where the pub key was generated from the downloaded ec2 pem key like this:

ssh-keygen -y -f ~/.ssh/ec2-key.pem > ~/.ssh/ec2-key.pub
Gergely
beantwortet vor 2 Jahren
0

As per this page the equal sign at the end is padding to ensure correct Base64 encoding.

profile pictureAWS
EXPERTE
Brettski-AWS
beantwortet vor 2 Jahren
  • Gergely
    vor 2 Jahren

    Yeah, I know WHAT the equal sign is. :) The question is, why it's there when local workflow doesn't produce it. But I figured it out in the end.

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt