Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen (#10863)

* Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen Fix #3985 Signed-off-by: Andrew Thornton <art27@cantab.net> * Pass up the unable to verify
2025-11-04 10:44:12 +01:00 · 2020-03-28 17:24:55 +00:00 · 2020-03-28 17:24:55 +00:00 · ea67e563dd
commit ea67e563dd
parent f9f2c163b1
2 changed files with 10 additions and 0 deletions
--- a/models/ssh_key.go
+++ b/models/ssh_key.go
@ -425,6 +425,9 @@ func calcFingerprintSSHKeygen(publicKeyContent string) (string, error) {
 	defer os.Remove(tmpPath)
 	stdout, stderr, err := process.GetManager().Exec("AddPublicKey", "ssh-keygen", "-lf", tmpPath)
 	if err != nil {
+		if strings.Contains(stderr, "is not a public key file") {
+			return "", ErrKeyUnableVerify{stderr}
+		}
 		return "", fmt.Errorf("'ssh-keygen -lf %s' failed with error '%s': %s", tmpPath, err, stderr)
 	} else if len(stdout) < 2 {
 		return "", errors.New("not enough output for calculating fingerprint: " + stdout)
@ -455,6 +458,10 @@ func calcFingerprint(publicKeyContent string) (string, error) {
 		fp, err = calcFingerprintSSHKeygen(publicKeyContent)
 	}
 	if err != nil {
+		if IsErrKeyUnableVerify(err) {
+			log.Info("%s", publicKeyContent)
+			return "", err
+		}
 		return "", fmt.Errorf("%s: %v", fnName, err)
 	}
 	return fp, nil
--- a/routers/user/setting/keys.go
+++ b/routers/user/setting/keys.go
@ -92,6 +92,9 @@ func KeysPost(ctx *context.Context, form auth.AddKeyForm) {

 				ctx.Data["Err_Title"] = true
 				ctx.RenderWithErr(ctx.Tr("settings.ssh_key_name_used"), tplSettingsKeys, &form)
+			case models.IsErrKeyUnableVerify(err):
+				ctx.Flash.Info(ctx.Tr("form.unable_verify_ssh_key"))
+				ctx.Redirect(setting.AppSubURL + "/user/settings/keys")
 			default:
 				ctx.ServerError("AddPublicKey", err)
 			}