X-Git-Url: https://git.siccegge.de//index.cgi?p=dane-monitoring-plugins.git;a=blobdiff_plain;f=check_dane_ssh;h=90a7a022a2c1a1d7e33447b1b9f89f6af4d5879a;hp=fe56dea1764ebfcfca934540a996114c5a7736d4;hb=51d6a5e599dcccbe4c6ee381c54d25c432a36e7f;hpb=4de5348b35aae905051313320820ee20db6d4d3a diff --git a/check_dane_ssh b/check_dane_ssh index fe56dea..90a7a02 100755 --- a/check_dane_ssh +++ b/check_dane_ssh @@ -16,7 +16,7 @@ import paramiko try: from unbound import RR_TYPE_SSHFP except ImportError: - RR_TYPE_SSHFP=44 + RR_TYPE_SSHFP = 44 class HostKeyMatchSSHFP(BaseException): @@ -58,22 +58,30 @@ class HostKeyLookup(paramiko.client.MissingHostKeyPolicy): elif hashtype == 2: actualhash = hashlib.sha256(actualhostkey).digest() else: - logging.warn("Only hashtypes 1 and 2 supported") + logging.warning("Only hashtypes 1 and 2 supported") if keytype == 1 and actualkeytype == 'ssh-rsa': if data == actualhash: + logging.info("Found matching record: `SSHFP %d %d %s`", + keytype, hashtype, hexencoder(data)[0].decode()) raise HostKeyMatchSSHFP elif keytype == 2 and actualkeytype == 'ssh-dss': if data == actualhash: + logging.info("Found matching record: `SSHFP %d %d %s`", + keytype, hashtype, hexencoder(data)[0].decode()) raise HostKeyMatchSSHFP elif keytype == 3 and actualkeytype == 'ssh-ecdsa': if data == actualhash: + logging.info("Found matching record: `SSHFP %d %d %s`", + keytype, hashtype, hexencoder(data)[0].decode()) raise HostKeyMatchSSHFP elif keytype == 4 and actualkeytype == 'ssh-ed25519': if data == actualhash: + logging.info("Found matching record: `SSHFP %d %d %s`", + keytype, hashtype, hexencoder(data)[0].decode()) raise HostKeyMatchSSHFP logging.error("No matching SSHFP record found")