Fwd: SSHFP observation

Alan Clegg alan at clegg.com
Thu Jan 31 16:27:00 UTC 2019 

On 1/31/19 10:56 AM, Jim Popovitch via bind-users wrote:
> est1.ramesh-sshfp.com. 86400   IN  SSHFP 1 1 aa
> test2.ramesh-sshfp.com. 86400   IN  SSHFP 1 1 00

When I use these exact lines (with the "aa" and "00"), I get just what
he did.

When I use lines with correct SSHFP values, they work fine:

svlg-gateway IN SSHFP 1 2
5d0d289579841c3f158d59999d6e3f9358d6ffa72f4e8a4625480e1502471121
svlg-gateway IN SSHFP 2 2
dbe0bb71cdcc3179a63a39e924c54b7884058318219f76ddc502f4d0b56f9041
svlg-gateway IN SSHFP 3 2
6fae021dd9c8d84448a0a15623751a1e35e56f5aa2d86193097b6d1008c14c42
svlg-gateway IN SSHFP 4 2
da6681ec8d06d7da14121bf717849c4044a1ccdac9a8a6398ceb1de1cafd5d3f
test1   SSHFP 1 1 aa
test2   SSHFP 1 1 00


root at svlg-gateway:/etc/namedb/zone# dig test1.boat sshfp
;; Warning: Message parser reports malformed message packet.

; <<>> DiG 9.13.5 <<>> test1.boat sshfp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41738
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: Message has 42 extra bytes at end

;; QUESTION SECTION:
;test1.boat.			IN	SSHFP

;; Query time: 1 msec
;; SERVER: 44.127.8.1#53(44.127.8.1)
;; WHEN: Thu Jan 31 16:25:27 UTC 2019
;; MSG SIZE  rcvd: 82

root at svlg-gateway:/etc/namedb/zone# dig svlg-gateway.boat  sshfp

; <<>> DiG 9.13.5 <<>> svlg-gateway.boat sshfp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36644
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: fc5043961ba7f3de20111bd95c5321822d0203038e0ff9df (good)
;; QUESTION SECTION:
;svlg-gateway.boat.		IN	SSHFP

;; ANSWER SECTION:
svlg-gateway.boat.	300	IN	SSHFP	3 2
6FAE021DD9C8D84448A0A15623751A1E35E56F5AA2D86193097B6D10 08C14C42
svlg-gateway.boat.	300	IN	SSHFP	2 2
DBE0BB71CDCC3179A63A39E924C54B7884058318219F76DDC502F4D0 B56F9041
svlg-gateway.boat.	300	IN	SSHFP	1 2
5D0D289579841C3F158D59999D6E3F9358D6FFA72F4E8A4625480E15 02471121
svlg-gateway.boat.	300	IN	SSHFP	4 2
DA6681EC8D06D7DA14121BF717849C4044A1CCDAC9A8A6398CEB1DE1 CAFD5D3F

;; Query time: 1 msec
;; SERVER: 44.127.8.1#53(44.127.8.1)
;; WHEN: Thu Jan 31 16:25:38 UTC 2019
;; MSG SIZE  rcvd: 258

More information about the bind-users mailing list