Didier Stevens

Sunday 1 January 2012

Calculating a SSH Fingerprint From a (Cisco) Public Key

Filed under: Forensics,Networking — Didier Stevens @ 17:03

I’m sure some of you verify SSH fingerprints before you use an SSH server for the first time. You obtain the fingerprint via another channel, and you compare it with the fingerprint your SSH client presents you.

But have you done this with Cisco devices too? Recently I tried to obtain the SSH fingerprint of a Cisco router while connected via the serial console. Turns out there is no CLI command to display the fingerprint (well, at least I didn’t find one). What you can do is dump the public key with the command “show crypto key mypubkey rsa”.

So I developed a small Python program that calculates an SSH fingerprint from the public key. You store the public key (the hex dump from the router) in a file and use that with this new tool.

To calculate the fingerprint, I extract the modulus and exponent from the public key, re-encode them in the ssh-rsa wire format (the encoding SSH clients hash) and calculate the MD5 hash of the result.

So now I can connect to a router via the serial console while there’s no “man in the middle”, obtain the public key and calculate the fingerprint. Next when I connect to the same router over SSH, I can validate the fingerprint my SSH client presents me. It’s too bad Cisco provides no feature to get the fingerprint directly.
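As an added example (my code, not the post's tool or anything from Cisco), here is the calculation described above in Python: parse the hex dump as a DER SubjectPublicKeyInfo (assumed to be the layout of the “show crypto key mypubkey rsa” output), pull out the modulus and exponent, re-encode them as an RFC 4253 ssh-rsa blob and hash it. Long-form DER lengths are read MSB first (the 2048-bit problem discussed in the comments), and the SHA256/base64 fingerprint newer clients display is produced next to the MD5 one; the demo key is constructed, not a real device key.

```python
import base64
import hashlib

def read_tlv(buf, pos=0):
    """Parse one DER TLV at pos and return (tag, value, next_pos).
    Long-form lengths are multi-byte big-endian, i.e. read MSB first."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        count = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + count], "big"), pos + count
    if pos + length > len(buf):
        raise ValueError("Parse error: incomplete DER encoded key")
    return tag, buf[pos:pos + length], pos + length

def modulus_exponent(der):
    """SubjectPublicKeyInfo -> AlgorithmIdentifier (skipped) -> BIT STRING -> RSAPublicKey {n, e}."""
    _, spki, _ = read_tlv(der)
    _, _, after_alg = read_tlv(spki)
    _, bitstr, _ = read_tlv(spki, after_alg)
    _, rsa_pub, _ = read_tlv(bitstr[1:])  # bitstr[0] is the unused-bits count
    _, n_bytes, after_n = read_tlv(rsa_pub)
    _, e_bytes, _ = read_tlv(rsa_pub, after_n)
    return int.from_bytes(n_bytes, "big"), int.from_bytes(e_bytes, "big")

def ssh_mpint(v):
    """RFC 4251 mpint: 4-byte length, big-endian magnitude, leading 0x00 if the high bit is set."""
    body = v.to_bytes((v.bit_length() + 7) // 8, "big")
    body = b"\x00" + body if body[0] & 0x80 else body
    return len(body).to_bytes(4, "big") + body

def ssh_rsa_blob(n, e):
    """RFC 4253 ssh-rsa public key blob: string "ssh-rsa", mpint e, mpint n. Clients hash these bytes."""
    return len(b"ssh-rsa").to_bytes(4, "big") + b"ssh-rsa" + ssh_mpint(e) + ssh_mpint(n)

def fingerprints(der_hex):
    """Return (MD5 colon-hex fingerprint, SHA256 base64 fingerprint) for a hex DER public key."""
    blob = ssh_rsa_blob(*modulus_exponent(bytes.fromhex(der_hex)))
    md5 = hashlib.md5(blob).hexdigest()
    sha = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return ":".join(md5[i:i + 2] for i in range(0, 32, 2)), "SHA256:" + sha

# Constructed 2048-bit demo key (NOT a real device key): modulus 2^2047 + 1, exponent 65537.
# Every length above 127 bytes uses the DER long form, which is what tripped the original tool.
DEMO_HEX = ("30820122" + "300d06092a864886f70d0101010500" + "0382010f00" + "3082010a"
            + "02820101" + "0080" + "00" * 254 + "01" + "0203010001")

if __name__ == "__main__":
    print(fingerprints(DEMO_HEX))
```

Paste the router's hex dump into DEMO_HEX's place (or read it from the file) and compare the MD5 line with what PuTTY or an older OpenSSH shows, the SHA256 line with OpenSSH 6.8 and later.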

cisco-calculate-ssh-fingerprint_V0_0_1.zip (https)
MD5: 5A6C3A2C466908EE7EFB06727E8D02B7
SHA256: 831CAF7BBF0F6C584436C42D9CEB252A089487B715ADBB81F9547EEB3ED6B0B8

16 Comments »

  1. […] Calculating a SSH Fingerprint From a (Cisco) Public Key « Didier Stevens […]

    Pingback by Unnamed 01/07/2012 | Its way inside — Saturday 7 January 2012 @ 1:09

  2. hi didier,

    en
    sh crypto key mypubkey rsa
    !
    conf t
    !
    ! optionally remove existing key(s) if they are non-exportable
    !
    crypto key zeroize rsa
    !
    conf t
    crypto key generate rsa exportable general-keys label modulus 2048
    !
    do sh crypto key mypubkey rsa
    !
    crypto key export rsa pem terminal 3des
    !

    this will dump the public and private key pair to the terminal.

    Comment by Anonymous — Tuesday 24 January 2012 @ 16:55

  3. But this will also erase the existing keys and then generate a new pair!
    And you don’t need the private key to calculate the fingerprint.

    Comment by Didier Stevens — Tuesday 24 January 2012 @ 23:59

  4. ssh-keygen -l -f key.pub

    Comment by Anonymous — Wednesday 7 March 2012 @ 18:24

  5. Nope:

    $ ssh-keygen -l -f key.pub
    01010105…367\2370
    key.pub is not a public key file.

    Comment by Didier Stevens — Wednesday 7 March 2012 @ 19:17

  6. Thank-you, this is a much better method than my crude connect to host initially and copy the fingerprint into the banner.

    Comment by Anonymous — Tuesday 11 June 2013 @ 4:39

  7. Is it possible that your script is not working with 2048-bit keys? I got the message “Parse error: incomplete DER encoded key”

    Comment by Anonymous — Tuesday 19 August 2014 @ 16:36

  8. It should work with any key length, but I just checked for 2048 bits and there is a bug in my program (I read the length bytes in LSB order instead of MSB).

    I will release an update, but you can already fix the code yourself:
    On line 65, replace range(countBytes - 1, -1, -1) with range(0, countBytes).

    Let me know if this solves your problem.

    Comment by Didier Stevens — Tuesday 19 August 2014 @ 18:29

  9. Hi, that works for me, Thank you very much!

    Comment by Anonymous — Wednesday 20 August 2014 @ 7:32

  10. […] think there’s more interest for my program to calculate the SSH fingerprint for Cisco IOS since Snowden started with his […]

    Pingback by Update: Calculating a SSH Fingerprint From a (Cisco) Public Key | Didier Stevens — Monday 1 September 2014 @ 20:17

  11. Bravo – just used it and thank you

    Comment by Anonymous — Wednesday 1 October 2014 @ 17:04

  12. It didn’t work for me, I get a different fingerprint. Help me please.

    Comment by feriel benouaghrem — Thursday 2 February 2017 @ 23:37

  13. You will need to provide more info.

    Comment by Didier Stevens — Thursday 2 February 2017 @ 23:52

  14. We intend to generate a pair of RSA keys for SSH to work on a Cisco router, but we need to generate the RSA key fingerprint from the DER format shown in hex in the –>sh crypto key rsa command output. We use your code to generate the fingerprint, but it doesn’t match the fingerprint shown in the SSH client’s prompt (we used PuTTY). This is the problem.

    Comment by feriel ben ouaghrem — Tuesday 7 February 2017 @ 11:01

  15. Thanks for this program. I was having trouble generating a correct fingerprint for the DER-encoded key used by WolfSSH because I couldn’t find a spec for how the fingerprint should be constructed. That key has a different ASN.1 structure than the Cisco key, but I hacked your parsing code to fit then changed to SHA256 instead of MD5 and base64 instead of hex to match the fingerprint of the new ssh client. By adding print statements for intermediate values I could find where my C++ program diverged.

    Comment by Stephen Casner — Saturday 25 November 2017 @ 2:10

