Instance Configuration page shows incorrect SSH key fingerprints
Summary
The SSH key fingerprints displayed on the Instance Configuration page under Help do not correspond to the fingerprints reported by SSH clients connecting to the host.
Steps to reproduce
- Go to the Instance Configuration page (https://gitlab-host/help/instance_configuration).
- Get fingerprints from a shell on the machine with ssh-keygen.
- Compare the output of ssh-keygen with the fingerprints on the page.
What is the current bug behavior?
The fingerprints are not the same as produced by ssh-keygen.
What is the expected correct behavior?
The fingerprints should be identical to the hash part produced by ssh-keygen.
(Additional checks in the issue template omitted because they're not relevant.)
Possible fixes
https://gitlab.com/gitlab-org/gitlab-ce/blob/master/app/models/instance_configuration.rb#L65
The methods are hashing the entire file content instead of just the public key. The key should be extracted, decoded, then hashed.
Additional thoughts
It would be handy if the SHA256 hash can be clicked on to toggle between hex encoding and base64.
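
The fix described under "Possible fixes" (extract the key, decode it, then hash it), shown as an added Ruby example that is not GitLab's code. The helper names and the sample key line are constructed for illustration; the output formats follow `ssh-keygen -l -E md5` and `ssh-keygen -l -E sha256`.

```ruby
require 'digest'

# Constructed sample: a well-formed ssh-ed25519 public key line whose key
# bytes are 32 x 0x01. It is not a real host key.
def sample_pub_line(comment = 'root@gitlab-host')
  blob = [11].pack('N') + 'ssh-ed25519' + [32].pack('N') + ("\x01".b * 32)
  "ssh-ed25519 #{[blob].pack('m0')} #{comment}\n"
end

# Extract and decode the key blob from "<type> <base64> [comment]".
# Returns nil when the line is malformed.
def key_blob(pub_line)
  type, b64 = pub_line.strip.split(/\s+/, 3)
  return nil if type.nil? || b64.nil?

  blob = b64.unpack1('m0') # strict base64, raises ArgumentError if invalid
  # The blob begins with a length-prefixed copy of the key type.
  len = blob.unpack1('N')
  return nil unless len && blob.byteslice(4, len) == type

  blob
rescue ArgumentError
  nil
end

# Same formats as `ssh-keygen -l -E md5` and `ssh-keygen -l -E sha256`.
def md5_fingerprint(blob)
  'MD5:' + Digest::MD5.hexdigest(blob).scan(/../).join(':')
end

def sha256_fingerprint(blob)
  'SHA256:' + [Digest::SHA256.digest(blob)].pack('m0').delete('=')
end

# The behaviour reported in the issue: digest of the whole file content,
# which also covers the key type text, the comment and the newline.
def whole_file_digest(content)
  Digest::SHA256.hexdigest(content)
end

if __FILE__ == $PROGRAM_NAME
  blob = key_blob(sample_pub_line)
  puts md5_fingerprint(blob), sha256_fingerprint(blob)
  puts "whole file (wrong): #{whole_file_digest(sample_pub_line)}"
end
```

Because only the decoded blob is hashed, changing the comment field leaves the fingerprint unchanged, while a whole-file digest changes with it.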