[COMPLETED] Contributor Invite: Show server fingerprint in SSH page

About this Contributor Invite:

  • Task Area: Coding
  • Effort rating: 2/5
  • Skills required: Python, Django Views/Templates

Description of the Problem:

Before a user connects to FreedomBox via SSH, they should take a security precaution: verify that the server they are connecting to is the correct one. Otherwise, it is possible to perform person-in-the-middle attacks. In order to verify the SSH server, users must match the SSH fingerprint shown by the client with the one provided by a server administrator. In case of FreedomBox, we need to show this information in the SSH server page. But currently, the SSH page in the FreedomBox interface does not show the SSH fingerprint.

What we ask of you:

  • Write a method to list the fingerprints for all the SSH keys on the server. Iterate through /etc/ssh/ssh_host_*_key.pub and run the command ssh-keygen -l -f <file> . Parse the output and extract the fingerprint and algorithm.
  • Add a table to the SSHAppView and show the fingerprint information in a tabular format. Create views.py for SSH, move the SSHAppView into it. Then pass the fingerprint information as context variable. Create a new template file for SSH and display the fingerprint information there.

Link to the issue in GitLab: https://salsa.debian.org/freedombox-team/plinth/issues/1650

How to claim this Contributor Invite:

Do you want to accept this invitation to contribute? If so, follow these steps:

  1. Comment on this forum post indicating that you would like to claim the invite. This will prevent multiple people from working on the same issue at the same time.
  2. Register an account with our GitLab instance and begin making your contributions on the GitLab issue page for this task. You can use the comment section of this forum post to ask questions, but the bulk of the development discussion should happen on GitLab.


If you need help with this issue, please feel free to ask for it from members of our core team:

  • Sunil Mohan Adapa (@sunil): Lead Developer & Code Reviewer
  • Joseph Nuthalapati (@njoseph ): DevOps Engineer, Developer, & Code Reviewer
  • James Valleroy (@jvalleroy) : Release Manager, Developer, & Code Reviewer
1 Like

I wold like to claim this invite! :wink:


@bisco Awesome! Congratulations on being the first person to accept a Contributor Invite!

To introduce myself: My name is Danny, and I work at the FreedomBox Foundation. Welcome to our community! Since you’re new, I want to make sure that you know about all the resources and support we offer our contributors. Check out our “Welcome” page for some basic information and for the contact info of our core team: https://wiki.debian.org/FreedomBox/Welcome

If you have the time, please do join one of our upcoming weekend progress calls and introduce yourself. These calls are completely optional, but you’re always welcome to join!

I’m happy to have you with us!

1 Like

This has just been completed: https://salsa.debian.org/freedombox-team/plinth/merge_requests/1575 . Thanks to @bisco. Welcome again to the team :slight_smile:

1 Like