5

I see an old question showing that when connecting to a server with ssh, a hex fingerprint is displayed.

Why is it now given in base64 format? What's the benefit?

I know MD5 is broken and now the default is sha256, but as for the fingerprint format, base64-encoded and hex strings indicate the same thing. What's the benefit of changing the format then?

Rick
  • 1,157

1 Answer

9

It's not just the output format that has changed, but the algorithm used to generate the fingerprint. It used to be MD5, and now it is SHA256. MD5 is broken in many respects, and the general recommendation is to use SHA256 or the like. A change like that was long in coming.

From the release notes:

  • Add FingerprintHash option to ssh(1) and sshd(8), and equivalent command-line flags to the other tools to control algorithm used for key fingerprints. The default changes from MD5 to SHA256 and format from hex to base64.

    Fingerprints now have the hash algorithm prepended. An example of the new format: SHA256:mVPwvezndPv/ARoIadVY98vAC0g+P/5633yTC4d/wXE
    Please note that visual host keys will also be different.

You can still get the old output:

ssh -o FingerprintHash=md5 ...

SHA256 hashes have 256 bits of output, which translates to 64 characters in hex. That's double the length of the 32-character MD5 hash in hex. Base64 encoded SHA256 characters are only 44 bytes in length (and the last = for padding is omitted anyway).

muru
  • 72,889
  • 1
    Yes, I know MD5 is broken and now the default is sha256, but the format, however, base64 encode and hex strings, indicates the same thing. What's the benefit on changing the format then? – Rick Jun 26 '19 at 11:10
  • @Rick the same thing? An MD5 hash in hex is 32 characters, an sha256 hash in hex is 64 characters. That's double the length. In comparison, an sha256 hash in base64 is just 44 characters. – muru Jun 26 '19 at 11:16
  • Damn, you are right. I was told that base64 encoding eventually increases length, so I had been thinking that base64 would always "increase" things. sha256 hex 64 characters, 256 bits, while for base64, 44 characters, but 44*8=352 bits. – Rick Jun 26 '19 at 11:28
  • 1
    @Rick I think you meant 512 bits, but yes, that's about it. Base 64 increases length in comparison to the input, that's true, but it's always shorter than hex, since it can represent more bits in the same character. – muru Jun 26 '19 at 11:32
  • What is the 512bits you mention? Did I make another mistake in comments? Btw, thanks for the reference I am checking it now. – Rick Jun 26 '19 at 11:35
  • 1
    @Rick hex 64 characters == 64*8 = 512 bits. It's the unencoded output of sha256 that's 256 bits in length. – muru Jun 26 '19 at 11:37
  • So base64 wins (only) because of shorter length, while both are good at copy/paste? – Rick Jun 26 '19 at 11:44
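To make the length arithmetic from the answer and the comment thread concrete, here is an added example (not code from the question, the answer, or OpenSSH itself) that builds both fingerprint formats from a public key blob. It assumes only that an OpenSSH fingerprint is the hash of the raw key blob (the base64 field of a `.pub` or `known_hosts` line), which is how `ssh-keygen -l` computes it; the ed25519 key bytes below are constructed placeholders, not a real key, so the fingerprint values themselves are meaningless, but the lengths and the format are exactly what you would see for a real key.

```python
import base64
import hashlib
import math
import struct


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string: uint32 big-endian length + payload."""
    return struct.pack(">I", len(data)) + data


# Constructed sample: an ssh-ed25519 public key blob in OpenSSH wire format.
# The 32 key bytes are placeholders (0x00..0x1f), NOT a real key.
KEY_TYPE = b"ssh-ed25519"
FAKE_KEY_BYTES = bytes(range(32))
KEY_BLOB = ssh_string(KEY_TYPE) + ssh_string(FAKE_KEY_BYTES)
PUBKEY_LINE = f"{KEY_TYPE.decode()} {base64.b64encode(KEY_BLOB).decode()} example@host"


def key_blob_from_line(line: str) -> bytes:
    """Return the raw key blob from an authorized_keys / known_hosts style line."""
    fields = line.split()
    return base64.b64decode(fields[1])


def fingerprint_md5(blob: bytes) -> str:
    """Legacy format (FingerprintHash=md5): 'MD5:' + 16 colon-separated hex bytes."""
    digest = hashlib.md5(blob).hexdigest()          # 32 hex characters
    return "MD5:" + ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def fingerprint_sha256(blob: bytes) -> str:
    """Current default: 'SHA256:' + base64 of the 32-byte digest with '=' padding stripped."""
    digest = hashlib.sha256(blob).digest()           # 32 bytes = 256 bits
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def sha256_fingerprint_matches(fingerprint: str, blob: bytes) -> bool:
    """Verify a 'SHA256:...' fingerprint against a key blob, restoring the base64 padding."""
    if not fingerprint.startswith("SHA256:"):
        return False
    encoded = fingerprint[len("SHA256:"):]
    encoded += "=" * (-len(encoded) % 4)             # 43 chars -> one '=' of padding
    return base64.b64decode(encoded) == hashlib.sha256(blob).digest()


def chars_needed(bits: int, bits_per_char: int) -> int:
    """Characters needed to encode `bits` when each character carries `bits_per_char` bits."""
    return math.ceil(bits / bits_per_char)


def encoded_lengths(blob: bytes) -> dict:
    """Lengths of the digest encodings the answer compares (prefixes and colons excluded)."""
    return {
        "md5_hex": len(hashlib.md5(blob).hexdigest()),
        "sha256_hex": len(hashlib.sha256(blob).hexdigest()),
        "sha256_base64": len(base64.b64encode(hashlib.sha256(blob).digest()).rstrip(b"=")),
    }


if __name__ == "__main__":
    blob = key_blob_from_line(PUBKEY_LINE)
    print(fingerprint_md5(blob))
    print(fingerprint_sha256(blob))
    print(encoded_lengths(blob))
    # hex carries 4 bits per character, base64 carries 6
    print(chars_needed(256, 4), "hex chars vs", chars_needed(256, 6), "base64 chars")
```

Running this shows why the comment thread lands where it does: the hex form needs 256/4 = 64 characters for a SHA256 digest, while base64 needs ceil(256/6) = 43 (OpenSSH drops the single `=` that `b64encode` would append). The 44 and 512 figures in the comments come from counting encoded characters as bytes; the digest itself is always 256 bits regardless of how it is printed. For a real key, `ssh-keygen -lf key.pub` and `ssh-keygen -E md5 -lf key.pub` produce the same two strings as `fingerprint_sha256` and `fingerprint_md5` here.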