Do base64-encoding of the SSH key before returning, not after.

Not all SSH key formats use base64 encoding, for example SSH1 keys looks different. So we can't blindly base64-encode the raw strings that we receive. Attempt to return keys in the same format as is used by the known_hosts file.
2025-12-06 04:31:29 +00:00 · 2013-08-11 05:36:45 +00:00
parent ea8995ebf7
commit 82df82b5fd
2 changed files with 2 additions and 2 deletions
--- a/nselib/ssh2.lua
+++ b/nselib/ssh2.lua
@@ -228,7 +228,7 @@ fetch_host_key = function( host, port, key_type )
    stdnse.print_debug( "Unsupported key type: %s", key_type )
  end

-  return { key=public_host_key, key_type=key_type, fp_input=public_host_key, bits=bits,
+  return { key=base64.enc(public_host_key), key_type=key_type, fp_input=public_host_key, bits=bits,
           full_key=('%s %s'):format(key_type,base64.enc(public_host_key)),
           algorithm=algorithm, fingerprint=openssl.md5(public_host_key) }
 end
--- a/scripts/ssh-hostkey.nse
+++ b/scripts/ssh-hostkey.nse
@@ -151,7 +151,7 @@ local function portaction(host, port)
      fingerprint=stdnse.tohex(key.fingerprint),
      type=key.key_type,
      bits=key.bits,
-      key=base64.enc(key.key),
+      key=key.key,
    })
    if format:find( 'hex', 1, true ) or all_formats then
      table.insert( output, ssh1.fingerprint_hex( key.fingerprint, key.algorithm, key.bits ) )