Use SHA1 for SSH key fingerprinting -- likely needs zeekygen docs update

src/analyzer/protocol/ssh/ssh-analyzer.pac

@@ -7,7 +7,7 @@
 
 %header{
 zeek::VectorValPtr name_list_to_vector(const bytestring& nl);
-const char* fingerprint_md5(const unsigned char* d);
+const char* fingerprint_sha1(const unsigned char* d);
 %}
 
 %code{
@@ -48,12 +48,13 @@ zeek::VectorValPtr name_list_to_vector(const bytestring& nl)
 	return vv;
 	}
 
-const char* fingerprint_md5(const unsigned char* d)
+const char* fingerprint_sha1(const unsigned char* d)
 	{
-	return zeek::util::fmt("%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:"
+	return zeek::util::fmt("%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:"
-	                       "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x",
+	                       "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x",
 	                       d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7],
-	                       d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]);
+	                       d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15],
+	                       d[16], d[17], d[18], d[19]);
 	}
 %}
 
@@ -203,12 +204,12 @@ refine flow SSH_Flow += {
 		%{
 		if ( ssh_server_host_key )
 			{
-			unsigned char digest[ZEEK_MD5_DIGEST_LENGTH];
+			unsigned char digest[ZEEK_SHA_DIGEST_LENGTH];
-			zeek::detail::internal_md5(${key}.data(), ${key}.length(), digest);
+			zeek::detail::internal_sha1(${key}.data(), ${key}.length(), digest);
 
 			zeek::BifEvent::enqueue_ssh_server_host_key(connection()->zeek_analyzer(),
 				connection()->zeek_analyzer()->Conn(),
-				zeek::make_intrusive<zeek::StringVal>(fingerprint_md5(digest)));
+				zeek::make_intrusive<zeek::StringVal>(fingerprint_sha1(digest)));
 			}
 
 		if ( ssh2_server_host_key )
@@ -225,8 +226,8 @@ refine flow SSH_Flow += {
 		%{
 		if ( ssh_server_host_key )
 			{
-			unsigned char digest[ZEEK_MD5_DIGEST_LENGTH];
+			unsigned char digest[ZEEK_SHA_DIGEST_LENGTH];
-			auto ctx = zeek::detail::hash_init(zeek::detail::Hash_MD5);
+			auto ctx = zeek::detail::hash_init(zeek::detail::Hash_SHA1);
 			// Fingerprint is calculated over concatenation of modulus + exponent.
 			zeek::detail::hash_update(ctx, ${mod}.data(), ${mod}.length());
 			zeek::detail::hash_update(ctx, ${exp}.data(), ${exp}.length());
@@ -234,7 +235,7 @@ refine flow SSH_Flow += {
 
 			zeek::BifEvent::enqueue_ssh_server_host_key(connection()->zeek_analyzer(),
 				connection()->zeek_analyzer()->Conn(),
-				zeek::make_intrusive<zeek::StringVal>(fingerprint_md5(digest)));
+				zeek::make_intrusive<zeek::StringVal>(fingerprint_sha1(digest)));
 			}
 
 		if ( ssh1_server_host_key )

testing/btest/Baseline/core.tunnels.gre/ssh.log

@@ -7,5 +7,5 @@
 #open XXXX-XX-XX-XX-XX-XX
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	version	auth_success	auth_attempts	direction	client	server	cipher_alg	mac_alg	compression_alg	kex_alg	host_key_alg	host_key
 #types	time	string	addr	port	addr	port	count	bool	count	enum	string	string	string	string	string	string	string	string
-XXXXXXXXXX.XXXXXX	CtPZjS20MLrsMUOJi2	66.59.111.190	40264	172.28.2.3	22	2	-	0	INBOUND	SSH-2.0-OpenSSH_3.6.1p1	SSH-1.99-OpenSSH_3.1p1	blowfish-cbc	hmac-md5	zlib	diffie-hellman-group-exchange-sha1	ssh-rsa	20:7c:e5:96:b0:4e:ce:a4:db:e4:aa:29:e8:90:98:07
+XXXXXXXXXX.XXXXXX	CtPZjS20MLrsMUOJi2	66.59.111.190	40264	172.28.2.3	22	2	-	0	INBOUND	SSH-2.0-OpenSSH_3.6.1p1	SSH-1.99-OpenSSH_3.1p1	blowfish-cbc	hmac-md5	zlib	diffie-hellman-group-exchange-sha1	ssh-rsa	2a:1c:5c:b2:70:cb:1c:ce:82:87:9a:42:f3:7a:ff:b9:55:56:cf:cb
 #close XXXX-XX-XX-XX-XX-XX

testing/btest/Baseline/scripts.base.protocols.ssh.basic/ssh.log

@@ -7,26 +7,26 @@
 #open XXXX-XX-XX-XX-XX-XX
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	version	auth_success	auth_attempts	direction	client	server	cipher_alg	mac_alg	compression_alg	kex_alg	host_key_alg	host_key
 #types	time	string	addr	port	addr	port	count	bool	count	enum	string	string	string	string	string	string	string	string
-XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	192.168.1.79	51880	131.159.21.1	22	2	-	0	OUTBOUND	SSH-2.0-OpenSSH_5.9	SSH-2.0-OpenSSH_5.8	aes128-ctr	hmac-md5	zlib@openssh.com	ecdh-sha2-nistp256	ecdsa-sha2-nistp256	a7:26:62:3f:75:1f:33:8a:f3:32:90:8b:73:fd:2c:83
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	192.168.1.79	51880	131.159.21.1	22	2	-	0	OUTBOUND	SSH-2.0-OpenSSH_5.9	SSH-2.0-OpenSSH_5.8	aes128-ctr	hmac-md5	zlib@openssh.com	ecdh-sha2-nistp256	ecdsa-sha2-nistp256	fc:19:24:73:76:81:79:05:5b:22:42:88:8c:3a:6c:d3:a6:97:6a:4f
-XXXXXXXXXX.XXXXXX	ClEkJM2Vm5giqnMf4h	10.0.0.18	40184	128.2.6.88	41644	2	T	1	OUTBOUND	SSH-2.0-OpenSSH_6.6	SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1	aes128-ctr	hmac-md5	none	ecdh-sha2-nistp256	ssh-rsa	8a:8d:55:28:1e:71:04:99:94:43:22:89:e5:ff:e9:03
+XXXXXXXXXX.XXXXXX	ClEkJM2Vm5giqnMf4h	10.0.0.18	40184	128.2.6.88	41644	2	T	1	OUTBOUND	SSH-2.0-OpenSSH_6.6	SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.1	aes128-ctr	hmac-md5	none	ecdh-sha2-nistp256	ssh-rsa	af:a9:05:df:75:62:f9:85:2b:da:99:cd:04:bf:25:19:a9:11:c2:a6
-XXXXXXXXXX.XXXXXX	C4J4Th3PJpwUYZZ6gc	192.168.2.1	57189	192.168.2.158	22	2	T	3	-	SSH-2.0-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	aes128-ctr	hmac-md5-etm@openssh.com	none	diffie-hellman-group-exchange-sha256	ssh-rsa	28:78:65:c1:c3:26:f7:1b:65:6a:44:14:d0:04:8f:b3
+XXXXXXXXXX.XXXXXX	C4J4Th3PJpwUYZZ6gc	192.168.2.1	57189	192.168.2.158	22	2	T	3	-	SSH-2.0-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	aes128-ctr	hmac-md5-etm@openssh.com	none	diffie-hellman-group-exchange-sha256	ssh-rsa	6a:34:66:51:0c:23:f7:b3:8c:f6:3f:b7:0d:5e:95:0d:5e:47:b8:fa
-XXXXXXXXXX.XXXXXX	CtPZjS20MLrsMUOJi2	192.168.2.1	57191	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	a1:73:d1:e1:25:72:79:71:56:56:65:ed:81:bf:67:98
+XXXXXXXXXX.XXXXXX	CtPZjS20MLrsMUOJi2	192.168.2.1	57191	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	e1:5d:d9:6c:0a:cf:fb:7a:39:2e:22:bb:d8:d0:1c:a0:4c:38:a4:4a
-XXXXXXXXXX.XXXXXX	CUM0KZ3MLUfNB0cl11	192.168.2.1	55179	192.168.2.158	2200	2	T	1	-	SSH-2.0-OpenSSH_6.2	SSH-2.0-paramiko_1.15.2	aes128-ctr	hmac-md5	none	diffie-hellman-group-exchange-sha1	ssh-rsa	60:73:38:44:cb:51:86:65:7f:de:da:a2:2b:5a:57:d5
+XXXXXXXXXX.XXXXXX	CUM0KZ3MLUfNB0cl11	192.168.2.1	55179	192.168.2.158	2200	2	T	1	-	SSH-2.0-OpenSSH_6.2	SSH-2.0-paramiko_1.15.2	aes128-ctr	hmac-md5	none	diffie-hellman-group-exchange-sha1	ssh-rsa	8b:e4:98:22:24:72:55:cf:a8:ee:cb:a4:8f:75:78:c2:cd:d8:d0:58
-XXXXXXXXXX.XXXXXX	CmES5u32sYpV7JYN	192.168.2.1	56594	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_5.3	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	a1:73:d1:e1:25:72:79:71:56:56:65:ed:81:bf:67:98
+XXXXXXXXXX.XXXXXX	CmES5u32sYpV7JYN	192.168.2.1	56594	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_5.3	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	e1:5d:d9:6c:0a:cf:fb:7a:39:2e:22:bb:d8:d0:1c:a0:4c:38:a4:4a
-XXXXXXXXXX.XXXXXX	CP5puj4I8PtEU4qzYg	192.168.2.1	56821	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	a1:73:d1:e1:25:72:79:71:56:56:65:ed:81:bf:67:98
+XXXXXXXXXX.XXXXXX	CP5puj4I8PtEU4qzYg	192.168.2.1	56821	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	e1:5d:d9:6c:0a:cf:fb:7a:39:2e:22:bb:d8:d0:1c:a0:4c:38:a4:4a
-XXXXXXXXXX.XXXXXX	C37jN32gN3y3AZzyf6	192.168.2.1	56837	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	a1:73:d1:e1:25:72:79:71:56:56:65:ed:81:bf:67:98
+XXXXXXXXXX.XXXXXX	C37jN32gN3y3AZzyf6	192.168.2.1	56837	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	e1:5d:d9:6c:0a:cf:fb:7a:39:2e:22:bb:d8:d0:1c:a0:4c:38:a4:4a
-XXXXXXXXXX.XXXXXX	C3eiCBGOLw3VtHfOj	192.168.2.1	56845	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	a1:73:d1:e1:25:72:79:71:56:56:65:ed:81:bf:67:98
+XXXXXXXXXX.XXXXXX	C3eiCBGOLw3VtHfOj	192.168.2.1	56845	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	e1:5d:d9:6c:0a:cf:fb:7a:39:2e:22:bb:d8:d0:1c:a0:4c:38:a4:4a
-XXXXXXXXXX.XXXXXX	CwjjYJ2WqgTbAqiHl6	192.168.2.1	56875	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	a1:73:d1:e1:25:72:79:71:56:56:65:ed:81:bf:67:98
+XXXXXXXXXX.XXXXXX	CwjjYJ2WqgTbAqiHl6	192.168.2.1	56875	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	e1:5d:d9:6c:0a:cf:fb:7a:39:2e:22:bb:d8:d0:1c:a0:4c:38:a4:4a
-XXXXXXXXXX.XXXXXX	C0LAHyvtKSQHyJxIl	192.168.2.1	56878	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	a1:73:d1:e1:25:72:79:71:56:56:65:ed:81:bf:67:98
+XXXXXXXXXX.XXXXXX	C0LAHyvtKSQHyJxIl	192.168.2.1	56878	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	e1:5d:d9:6c:0a:cf:fb:7a:39:2e:22:bb:d8:d0:1c:a0:4c:38:a4:4a
-XXXXXXXXXX.XXXXXX	CFLRIC3zaTU1loLGxh	192.168.2.1	56940	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	a1:73:d1:e1:25:72:79:71:56:56:65:ed:81:bf:67:98
+XXXXXXXXXX.XXXXXX	CFLRIC3zaTU1loLGxh	192.168.2.1	56940	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	e1:5d:d9:6c:0a:cf:fb:7a:39:2e:22:bb:d8:d0:1c:a0:4c:38:a4:4a
-XXXXXXXXXX.XXXXXX	C9rXSW3KSpTYvPrlI1	192.168.2.1	57831	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	a1:73:d1:e1:25:72:79:71:56:56:65:ed:81:bf:67:98
+XXXXXXXXXX.XXXXXX	C9rXSW3KSpTYvPrlI1	192.168.2.1	57831	192.168.2.158	22	1	-	0	-	SSH-1.5-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	-	-	-	-	-	e1:5d:d9:6c:0a:cf:fb:7a:39:2e:22:bb:d8:d0:1c:a0:4c:38:a4:4a
-XXXXXXXXXX.XXXXXX	Ck51lg1bScffFj34Ri	192.168.2.1	59246	192.168.2.158	22	2	T	2	-	SSH-2.0-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	arcfour256	hmac-md5-etm@openssh.com	none	diffie-hellman-group-exchange-sha256	ssh-rsa	28:78:65:c1:c3:26:f7:1b:65:6a:44:14:d0:04:8f:b3
+XXXXXXXXXX.XXXXXX	Ck51lg1bScffFj34Ri	192.168.2.1	59246	192.168.2.158	22	2	T	2	-	SSH-2.0-OpenSSH_6.2	SSH-1.99-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2	arcfour256	hmac-md5-etm@openssh.com	none	diffie-hellman-group-exchange-sha256	ssh-rsa	6a:34:66:51:0c:23:f7:b3:8c:f6:3f:b7:0d:5e:95:0d:5e:47:b8:fa
-XXXXXXXXXX.XXXXXX	C9mvWx3ezztgzcexV7	192.168.1.32	41164	128.2.10.238	22	2	T	5	OUTBOUND	SSH-2.0-OpenSSH_6.6p1-hpn14v4	SSH-1.99-OpenSSH_3.4+p1+gssapi+OpenSSH_3.7.1buf_fix+2006100301	aes128-cbc	hmac-md5	none	diffie-hellman-group-exchange-sha1	ssh-rsa	7f:e5:81:92:26:77:05:44:c4:60:fb:cd:89:c8:81:ee
+XXXXXXXXXX.XXXXXX	C9mvWx3ezztgzcexV7	192.168.1.32	41164	128.2.10.238	22	2	T	5	OUTBOUND	SSH-2.0-OpenSSH_6.6p1-hpn14v4	SSH-1.99-OpenSSH_3.4+p1+gssapi+OpenSSH_3.7.1buf_fix+2006100301	aes128-cbc	hmac-md5	none	diffie-hellman-group-exchange-sha1	ssh-rsa	7b:3a:12:0f:e5:d3:5c:95:f9:31:9f:70:a8:94:4f:92:ba:1f:b8:b1
-XXXXXXXXXX.XXXXXX	CNnMIj2QSd84NKf7U3	192.168.1.32	33910	128.2.13.133	22	2	T	1	OUTBOUND	SSH-2.0-OpenSSH_6.6p1-hpn14v4	SSH-2.0-OpenSSH_5.3	aes128-ctr	hmac-md5	none	diffie-hellman-group-exchange-sha256	ssh-rsa	93:d8:4c:0d:b2:c3:2e:da:b9:c0:67:db:e4:8f:95:04
+XXXXXXXXXX.XXXXXX	CNnMIj2QSd84NKf7U3	192.168.1.32	33910	128.2.13.133	22	2	T	1	OUTBOUND	SSH-2.0-OpenSSH_6.6p1-hpn14v4	SSH-2.0-OpenSSH_5.3	aes128-ctr	hmac-md5	none	diffie-hellman-group-exchange-sha256	ssh-rsa	f4:2c:ac:d1:60:f1:ce:87:a1:9a:86:18:cd:66:8d:18:a8:75:e7:6c
-XXXXXXXXXX.XXXXXX	C7fIlMZDuRiqjpYbb	192.168.1.32	41268	128.2.10.238	22	2	F	6	OUTBOUND	SSH-2.0-OpenSSH_6.6	SSH-1.99-OpenSSH_3.4+p1+gssapi+OpenSSH_3.7.1buf_fix+2006100301	aes128-cbc	hmac-md5	none	diffie-hellman-group-exchange-sha1	ssh-rsa	7f:e5:81:92:26:77:05:44:c4:60:fb:cd:89:c8:81:ee
+XXXXXXXXXX.XXXXXX	C7fIlMZDuRiqjpYbb	192.168.1.32	41268	128.2.10.238	22	2	F	6	OUTBOUND	SSH-2.0-OpenSSH_6.6	SSH-1.99-OpenSSH_3.4+p1+gssapi+OpenSSH_3.7.1buf_fix+2006100301	aes128-cbc	hmac-md5	none	diffie-hellman-group-exchange-sha1	ssh-rsa	7b:3a:12:0f:e5:d3:5c:95:f9:31:9f:70:a8:94:4f:92:ba:1f:b8:b1
-XXXXXXXXXX.XXXXXX	CpmdRlaUoJLN3uIRa	192.168.1.31	52294	192.168.1.32	22	2	T	2	-	SSH-2.0-OpenSSH_6.7	SSH-2.0-OpenSSH_6.7	chacha20-poly1305@openssh.com	hmac-sha2-512-etm@openssh.com	none	curve25519-sha256@libssh.org	ssh-ed25519-cert-v01@openssh.com	e4:b1:8e:ca:6e:0e:e5:3c:7e:a4:0e:70:34:9d:b2:b1
+XXXXXXXXXX.XXXXXX	CpmdRlaUoJLN3uIRa	192.168.1.31	52294	192.168.1.32	22	2	T	2	-	SSH-2.0-OpenSSH_6.7	SSH-2.0-OpenSSH_6.7	chacha20-poly1305@openssh.com	hmac-sha2-512-etm@openssh.com	none	curve25519-sha256@libssh.org	ssh-ed25519-cert-v01@openssh.com	b5:56:54:86:69:5e:c2:48:30:7d:72:92:1c:38:6b:c9:a5:5a:50:61
-XXXXXXXXXX.XXXXXX	C1Xkzz2MaGtLrc1Tla	192.168.1.31	51489	192.168.1.32	22	2	T	3	-	SSH-2.0-OpenSSH_6.7	SSH-2.0-OpenSSH_6.7	chacha20-poly1305@openssh.com	hmac-sha2-512-etm@openssh.com	none	curve25519-sha256@libssh.org	ssh-ed25519-cert-v01@openssh.com	e4:b1:8e:ca:6e:0e:e5:3c:7e:a4:0e:70:34:9d:b2:b1
+XXXXXXXXXX.XXXXXX	C1Xkzz2MaGtLrc1Tla	192.168.1.31	51489	192.168.1.32	22	2	T	3	-	SSH-2.0-OpenSSH_6.7	SSH-2.0-OpenSSH_6.7	chacha20-poly1305@openssh.com	hmac-sha2-512-etm@openssh.com	none	curve25519-sha256@libssh.org	ssh-ed25519-cert-v01@openssh.com	b5:56:54:86:69:5e:c2:48:30:7d:72:92:1c:38:6b:c9:a5:5a:50:61
-XXXXXXXXXX.XXXXXX	CLNN1k2QMum1aexUK7	192.168.1.32	58641	131.103.20.168	22	2	F	1	OUTBOUND	SSH-2.0-OpenSSH_6.7	SSH-2.0-OpenSSH_5.3	aes128-ctr	umac-64@openssh.com	none	diffie-hellman-group-exchange-sha256	ssh-rsa	97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40
+XXXXXXXXXX.XXXXXX	CLNN1k2QMum1aexUK7	192.168.1.32	58641	131.103.20.168	22	2	F	1	OUTBOUND	SSH-2.0-OpenSSH_6.7	SSH-2.0-OpenSSH_5.3	aes128-ctr	umac-64@openssh.com	none	diffie-hellman-group-exchange-sha256	ssh-rsa	d0:1a:0e:75:74:79:fb:52:ef:94:c3:1a:0e:34:e2:be:7c:d4:54:a5
-XXXXXXXXXX.XXXXXX	CBA8792iHmnhPLksKa	192.168.1.32	58646	131.103.20.168	22	2	T	1	OUTBOUND	SSH-2.0-OpenSSH_6.7	SSH-2.0-OpenSSH_5.3	aes128-ctr	umac-64@openssh.com	none	diffie-hellman-group-exchange-sha256	ssh-rsa	97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40
+XXXXXXXXXX.XXXXXX	CBA8792iHmnhPLksKa	192.168.1.32	58646	131.103.20.168	22	2	T	1	OUTBOUND	SSH-2.0-OpenSSH_6.7	SSH-2.0-OpenSSH_5.3	aes128-ctr	umac-64@openssh.com	none	diffie-hellman-group-exchange-sha256	ssh-rsa	d0:1a:0e:75:74:79:fb:52:ef:94:c3:1a:0e:34:e2:be:7c:d4:54:a5
-XXXXXXXXXX.XXXXXX	CGLPPc35OzDQij1XX8	192.168.1.32	58649	131.103.20.168	22	2	T	1	OUTBOUND	SSH-2.0-OpenSSH_6.7	SSH-2.0-OpenSSH_5.3	aes128-ctr	umac-64@openssh.com	none	diffie-hellman-group-exchange-sha256	ssh-rsa	97:8c:1b:f2:6f:14:6b:5c:3b:ec:aa:46:46:74:7c:40
+XXXXXXXXXX.XXXXXX	CGLPPc35OzDQij1XX8	192.168.1.32	58649	131.103.20.168	22	2	T	1	OUTBOUND	SSH-2.0-OpenSSH_6.7	SSH-2.0-OpenSSH_5.3	aes128-ctr	umac-64@openssh.com	none	diffie-hellman-group-exchange-sha256	ssh-rsa	d0:1a:0e:75:74:79:fb:52:ef:94:c3:1a:0e:34:e2:be:7c:d4:54:a5
 #close XXXX-XX-XX-XX-XX-XX

testing/btest/Baseline/scripts.base.protocols.ssh.curve25519_kex/ssh.log

@@ -7,5 +7,5 @@
 #open XXXX-XX-XX-XX-XX-XX
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	version	auth_success	auth_attempts	direction	client	server	cipher_alg	mac_alg	compression_alg	kex_alg	host_key_alg	host_key
 #types	time	string	addr	port	addr	port	count	bool	count	enum	string	string	string	string	string	string	string	string
-XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	192.168.1.100	60906	192.168.1.32	22	2	T	2	-	SSH-2.0-OpenSSH_7.4	SSH-2.0-OpenSSH_7.5	chacha20-poly1305@openssh.com	hmac-sha2-512-etm@openssh.com	none	curve25519-sha256	ssh-ed25519-cert-v01@openssh.com	e4:b1:8e:ca:6e:0e:e5:3c:7e:a4:0e:70:34:9d:b2:b1
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	192.168.1.100	60906	192.168.1.32	22	2	T	2	-	SSH-2.0-OpenSSH_7.4	SSH-2.0-OpenSSH_7.5	chacha20-poly1305@openssh.com	hmac-sha2-512-etm@openssh.com	none	curve25519-sha256	ssh-ed25519-cert-v01@openssh.com	b5:56:54:86:69:5e:c2:48:30:7d:72:92:1c:38:6b:c9:a5:5a:50:61
 #close XXXX-XX-XX-XX-XX-XX

testing/btest/Baseline/scripts.base.protocols.ssh.fingerprints/out

@@ -1,5 +1,5 @@
 ### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
-ssh server host key fingerprint, c7:eb:77:5d:d1:64:31:d6:1b:e8:99:5f:a7:09:a1:d7
+ssh server host key fingerprint, f5:eb:df:9b:fc:59:0a:b7:f1:c9:1b:78:9d:b7:32:d7:04:f2:fe:1e
 ssh2 server host key fingerprint, f5ebdf9bfc590ab7f1c91b789db732d704f2fe1e
-ssh server host key fingerprint, 55:17:eb:fa:2e:7f:b3:7b:33:42:7c:9d:44:85:56:da
+ssh server host key fingerprint, b0:8d:68:17:4a:26:90:de:53:ed:f0:f6:a4:e5:b0:ad:8f:d6:6e:5b
 ssh1 server host key fingerprint, b08d68174a2690de53edf0f6a4e5b0ad8fd66e5b

testing/btest/Baseline/scripts.base.protocols.ssh.ssh_version_199/ssh.log

@@ -7,5 +7,5 @@
 #open XXXX-XX-XX-XX-XX-XX
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	version	auth_success	auth_attempts	direction	client	server	cipher_alg	mac_alg	compression_alg	kex_alg	host_key_alg	host_key
 #types	time	string	addr	port	addr	port	count	bool	count	enum	string	string	string	string	string	string	string	string
-XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	10.0.0.1	59139	10.0.0.2	22	2	T	1	-	SSH-1.99-Cisco-1.25	SSH-2.0-Cisco-1.25	aes128-cbc	hmac-sha1	none	diffie-hellman-group1-sha1	ssh-rsa	91:0a:ed:3f:79:71:22:f9:97:66:71:f8:c9:a5:b4:10
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	10.0.0.1	59139	10.0.0.2	22	2	T	1	-	SSH-1.99-Cisco-1.25	SSH-2.0-Cisco-1.25	aes128-cbc	hmac-sha1	none	diffie-hellman-group1-sha1	ssh-rsa	f7:19:2a:c1:25:34:10:53:ac:0f:7c:3f:4b:3f:9b:18:5b:bc:d4:4a
 #close XXXX-XX-XX-XX-XX-XX