ssh-audit/test/docker/expected_results/tinyssh_20190101_test1.json

{
    "additional_notes": [
        ""
    ],
    "banner": {
        "comments": "",
        "protocol": "2.0",
        "raw": "",
        "software": "tinyssh_noversion"
    },
    "compression": [
        "none"
    ],
    "cves": [],
    "enc": [
        {
            "algorithm": "chacha20-poly1305@openssh.com",
            "notes": {
                "info": [
                    "default cipher since OpenSSH 6.9",
                    "available since OpenSSH 6.5"
                ],
                "warn": [
                    "vulnerable to the Terrapin attack (CVE-2023-48795), allowing message prefix truncation"
                ]
            }
        }
    ],
    "fingerprints": [
        {
            "hash": "89ocln1x7KNqnMgWffGoYtD70ksJ4FrH7BMJHa7SrwU",
            "hash_alg": "SHA256",
            "hostkey": "ssh-ed25519"
        },
        {
            "hash": "dd:9c:6d:f9:b0:8c:af:fa:c2:65:81:5d:5d:56:f8:21",
            "hash_alg": "MD5",
            "hostkey": "ssh-ed25519"
        }
    ],
    "kex": [
        {
            "algorithm": "curve25519-sha256",
            "notes": {
                "info": [
                    "default key exchange from OpenSSH 6.4 to 8.9",
                    "available since OpenSSH 7.4, Dropbear SSH 2018.76"
                ]
            }
        },
        {
            "algorithm": "curve25519-sha256@libssh.org",
            "notes": {
                "info": [
                    "default key exchange from OpenSSH 6.4 to 8.9",
                    "available since OpenSSH 6.4, Dropbear SSH 2013.62"
                ]
            }
        },
        {
            "algorithm": "sntrup4591761x25519-sha512@tinyssh.org",
            "notes": {
                "info": [
                    "the sntrup4591761 algorithm was withdrawn, as it may not provide strong post-quantum security",
                    "available since OpenSSH 8.0"
                ],
                "warn": [
                    "using experimental algorithm"
                ]
            }
        }
    ],
    "key": [
        {
            "algorithm": "ssh-ed25519",
            "notes": {
                "info": [
                    "available since OpenSSH 6.5"
                ]
            }
        }
    ],
    "mac": [
        {
            "algorithm": "hmac-sha2-256",
            "notes": {
                "info": [
                    "available since OpenSSH 5.9, Dropbear SSH 2013.56"
                ],
                "warn": [
                    "using encrypt-and-MAC mode"
                ]
            }
        }
    ],
    "recommendations": {},
    "target": "localhost:2222"
}
Added recommendations and CVE information to JSON output (#122). 2023-03-24 23:48:36 +01:00			`{`
Added 'additional_notes' field to JSON output. 2023-12-20 00:03:07 +01:00			`"additional_notes": [`
			`""`
			`],`
Added recommendations and CVE information to JSON output (#122). 2023-03-24 23:48:36 +01:00			`"banner": {`
			`"comments": "",`
Refined JSON notes output. Fixed Docker & Tox tests. 2023-09-05 22:36:54 +02:00			`"protocol": "2.0",`
Added recommendations and CVE information to JSON output (#122). 2023-03-24 23:48:36 +01:00			`"raw": "",`
			`"software": "tinyssh_noversion"`
			`},`
			`"compression": [`
			`"none"`
			`],`
			`"cves": [],`
			`"enc": [`
Refined JSON notes output. Fixed Docker & Tox tests. 2023-09-05 22:36:54 +02:00			`{`
			`"algorithm": "chacha20-poly1305@openssh.com",`
			`"notes": {`
			`"info": [`
			`"default cipher since OpenSSH 6.9",`
			`"available since OpenSSH 6.5"`
Added note that when a target is properly configured against the Terrapin vulnerability that unpatched peers may still create vulnerable connections. Updated Ubuntu Server & Client 20.04 & 22.04 policies to include new key exchange markers related to Terrapin counter-measures. 2023-12-19 20:03:28 +01:00			`],`
			`"warn": [`
			`"vulnerable to the Terrapin attack (CVE-2023-48795), allowing message prefix truncation"`
Refined JSON notes output. Fixed Docker & Tox tests. 2023-09-05 22:36:54 +02:00			`]`
			`}`
			`}`
Added recommendations and CVE information to JSON output (#122). 2023-03-24 23:48:36 +01:00			`],`
			`"fingerprints": [`
			`{`
			`"hash": "89ocln1x7KNqnMgWffGoYtD70ksJ4FrH7BMJHa7SrwU",`
			`"hash_alg": "SHA256",`
			`"hostkey": "ssh-ed25519"`
			`},`
			`{`
			`"hash": "dd:9c:6d:f9:b0:8c:af:fa:c2:65:81:5d:5d:56:f8:21",`
			`"hash_alg": "MD5",`
			`"hostkey": "ssh-ed25519"`
			`}`
			`],`
			`"kex": [`
			`{`
Refined JSON notes output. Fixed Docker & Tox tests. 2023-09-05 22:36:54 +02:00			`"algorithm": "curve25519-sha256",`
			`"notes": {`
			`"info": [`
Added note that sntrup761x25519-sha512@openssh.com is the default OpenSSH kex since version 9.0. 2024-03-15 22:24:21 +01:00			`"default key exchange from OpenSSH 6.4 to 8.9",`
Refined JSON notes output. Fixed Docker & Tox tests. 2023-09-05 22:36:54 +02:00			`"available since OpenSSH 7.4, Dropbear SSH 2018.76"`
			`]`
			`}`
Added recommendations and CVE information to JSON output (#122). 2023-03-24 23:48:36 +01:00			`},`
			`{`
Refined JSON notes output. Fixed Docker & Tox tests. 2023-09-05 22:36:54 +02:00			`"algorithm": "curve25519-sha256@libssh.org",`
			`"notes": {`
			`"info": [`
Added note that sntrup761x25519-sha512@openssh.com is the default OpenSSH kex since version 9.0. 2024-03-15 22:24:21 +01:00			`"default key exchange from OpenSSH 6.4 to 8.9",`
Refined JSON notes output. Fixed Docker & Tox tests. 2023-09-05 22:36:54 +02:00			`"available since OpenSSH 6.4, Dropbear SSH 2013.62"`
			`]`
			`}`
Added recommendations and CVE information to JSON output (#122). 2023-03-24 23:48:36 +01:00			`},`
			`{`
Refined JSON notes output. Fixed Docker & Tox tests. 2023-09-05 22:36:54 +02:00			`"algorithm": "sntrup4591761x25519-sha512@tinyssh.org",`
			`"notes": {`
			`"info": [`
			`"the sntrup4591761 algorithm was withdrawn, as it may not provide strong post-quantum security",`
			`"available since OpenSSH 8.0"`
			`],`
			`"warn": [`
			`"using experimental algorithm"`
			`]`
			`}`
Added recommendations and CVE information to JSON output (#122). 2023-03-24 23:48:36 +01:00			`}`
			`],`
			`"key": [`
			`{`
Refined JSON notes output. Fixed Docker & Tox tests. 2023-09-05 22:36:54 +02:00			`"algorithm": "ssh-ed25519",`
			`"notes": {`
			`"info": [`
			`"available since OpenSSH 6.5"`
			`]`
			`}`
Added recommendations and CVE information to JSON output (#122). 2023-03-24 23:48:36 +01:00			`}`
			`],`
			`"mac": [`
Refined JSON notes output. Fixed Docker & Tox tests. 2023-09-05 22:36:54 +02:00			`{`
			`"algorithm": "hmac-sha2-256",`
			`"notes": {`
			`"info": [`
			`"available since OpenSSH 5.9, Dropbear SSH 2013.56"`
			`],`
			`"warn": [`
			`"using encrypt-and-MAC mode"`
			`]`
			`}`
			`}`
Added recommendations and CVE information to JSON output (#122). 2023-03-24 23:48:36 +01:00			`],`
			`"recommendations": {},`
			`"target": "localhost:2222"`
			`}`