elie/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2025-06-21 18:23:40 +02:00
Code Issues Packages Projects Releases Wiki Activity

Refined GEX testing against OpenSSH servers: when the fallback mechanism is suspected of being triggered, perform an additional test to obtain more accurate results.

Browse Source
This commit is contained in:
Joe Testa
2023-09-03 16:13:00 -04:00
parent 3f2fdbaa3d
commit 199e75f6cd
19 changed files with 100 additions and 104 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
test/docker/expected_results/openssh_8.0p1_builtin_policy_test1.json
View File

@ -27,5 +27,5 @@
],
"host": "localhost",
"passed": false,
"policy": "Hardened OpenSSH Server v8.0 (version 2)"
"policy": "Hardened OpenSSH Server v8.0 (version 3)"
}

2
test/docker/expected_results/openssh_8.0p1_builtin_policy_test1.txt
View File

@ -1,5 +1,5 @@
Host: localhost:2222
Policy: Hardened OpenSSH Server v8.0 (version 2)
Policy: Hardened OpenSSH Server v8.0 (version 3)
Result: ❌ Failed!

Errors:

2
test/docker/expected_results/openssh_8.0p1_builtin_policy_test2.json
View File

@ -50,5 +50,5 @@
],
"host": "localhost",
"passed": false,
"policy": "Hardened OpenSSH Server v8.0 (version 2)"
"policy": "Hardened OpenSSH Server v8.0 (version 3)"
}

2
test/docker/expected_results/openssh_8.0p1_builtin_policy_test2.txt
View File

@ -1,5 +1,5 @@
Host: localhost:2222
Policy: Hardened OpenSSH Server v8.0 (version 2)
Policy: Hardened OpenSSH Server v8.0 (version 3)
Result: ❌ Failed!

Errors:

4
test/docker/expected_results/openssh_8.0p1_custom_policy_test14.json
View File

@ -2,13 +2,13 @@
"errors": [
{
"actual": [
"2048"
"4096"
],
"expected_optional": [
""
],
"expected_required": [
"4096"
"8192"
],
"mismatched_field": "Group exchange (diffie-hellman-group-exchange-sha256) modulus sizes"
}

4
test/docker/expected_results/openssh_8.0p1_custom_policy_test14.txt
View File

@ -16,6 +16,6 @@ Result: ❌ Failed!

Errors:
* Group exchange (diffie-hellman-group-exchange-sha256) modulus sizes did not match.
- Expected: 4096
- Actual: 2048
- Expected: 8192
- Actual: 4096


2
test/docker/expected_results/openssh_8.0p1_test1.json
View File

@ -82,7 +82,7 @@
},
{
"algorithm": "diffie-hellman-group-exchange-sha256",
"keysize": 2048
"keysize": 4096
},
{
"algorithm": "diffie-hellman-group16-sha512"

5
test/docker/expected_results/openssh_8.0p1_test1.txt
View File

@ -21,9 +21,8 @@
`- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp521 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency
`- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) diffie-hellman-group-exchange-sha256 (2048-bit) -- [warn] 2048-bit modulus only provides 112-bits of symmetric strength
`- [info] available since OpenSSH 4.4
`- [info] A bug in OpenSSH causes it to fall back to a 2048-bit modulus regardless of server configuration (https://bugzilla.mindrot.org/show_bug.cgi?id=2793)
(kex) diffie-hellman-group-exchange-sha256 (4096-bit) -- [info] available since OpenSSH 4.4
`- [info] OpenSSH's GEX fallback mechanism was triggered during testing. Very old SSH clients will still be able to create connections using a 2048-bit modulus, though modern clients will use 4096. This can only be disabled by recompiling the code (see https://github.com/openssh/openssh-portable/blob/V_9_4/dh.c#L477).
(kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
(kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3
(kex) diffie-hellman-group14-sha256 -- [warn] 2048-bit modulus only provides 112-bits of symmetric strength

2
test/docker/expected_results/openssh_8.0p1_test2.json
View File

@ -72,7 +72,7 @@
},
{
"algorithm": "diffie-hellman-group-exchange-sha256",
"keysize": 2048
"keysize": 4096
},
{
"algorithm": "diffie-hellman-group16-sha512"

5
test/docker/expected_results/openssh_8.0p1_test2.txt
View File

@ -21,9 +21,8 @@
`- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) ecdh-sha2-nistp521 -- [fail] using elliptic curves that are suspected as being backdoored by the U.S. National Security Agency
`- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
(kex) diffie-hellman-group-exchange-sha256 (2048-bit) -- [warn] 2048-bit modulus only provides 112-bits of symmetric strength
`- [info] available since OpenSSH 4.4
`- [info] A bug in OpenSSH causes it to fall back to a 2048-bit modulus regardless of server configuration (https://bugzilla.mindrot.org/show_bug.cgi?id=2793)
(kex) diffie-hellman-group-exchange-sha256 (4096-bit) -- [info] available since OpenSSH 4.4
`- [info] OpenSSH's GEX fallback mechanism was triggered during testing. Very old SSH clients will still be able to create connections using a 2048-bit modulus, though modern clients will use 4096. This can only be disabled by recompiling the code (see https://github.com/openssh/openssh-portable/blob/V_9_4/dh.c#L477).
(kex) diffie-hellman-group16-sha512 -- [info] available since OpenSSH 7.3, Dropbear SSH 2016.73
(kex) diffie-hellman-group18-sha512 -- [info] available since OpenSSH 7.3
(kex) diffie-hellman-group14-sha256 -- [warn] 2048-bit modulus only provides 112-bits of symmetric strength

2
test/docker/expected_results/openssh_8.0p1_test3.json
View File

@ -63,7 +63,7 @@
},
{
"algorithm": "diffie-hellman-group-exchange-sha256",
"keysize": 2048
"keysize": 4096
}
],
"key": [

5
test/docker/expected_results/openssh_8.0p1_test3.txt
View File

@ -15,9 +15,8 @@
`- [info] default key exchange since OpenSSH 6.4
(kex) curve25519-sha256@libssh.org -- [info] available since OpenSSH 6.4, Dropbear SSH 2013.62
`- [info] default key exchange since OpenSSH 6.4
(kex) diffie-hellman-group-exchange-sha256 (2048-bit) -- [warn] 2048-bit modulus only provides 112-bits of symmetric strength
`- [info] available since OpenSSH 4.4
`- [info] A bug in OpenSSH causes it to fall back to a 2048-bit modulus regardless of server configuration (https://bugzilla.mindrot.org/show_bug.cgi?id=2793)
(kex) diffie-hellman-group-exchange-sha256 (4096-bit) -- [info] available since OpenSSH 4.4
`- [info] OpenSSH's GEX fallback mechanism was triggered during testing. Very old SSH clients will still be able to create connections using a 2048-bit modulus, though modern clients will use 4096. This can only be disabled by recompiling the code (see https://github.com/openssh/openssh-portable/blob/V_9_4/dh.c#L477).
# host-key algorithms
(key) ssh-ed25519 -- [info] available since OpenSSH 6.5

2
test/docker/policies/policy_test13.txt
View File

@ -23,7 +23,7 @@ hostkey_size_rsa-sha2-512 = 3072
hostkey_size_ssh-rsa = 3072
# Group exchange DH modulus sizes.
dh_modulus_size_diffie-hellman-group-exchange-sha256 = 2048
dh_modulus_size_diffie-hellman-group-exchange-sha256 = 4096
# The host key types that must match exactly (order matters).
host keys = rsa-sha2-512, rsa-sha2-256, ssh-rsa, ecdsa-sha2-nistp256, ssh-ed25519

2
test/docker/policies/policy_test14.txt
View File

@ -23,7 +23,7 @@ hostkey_size_rsa-sha2-512 = 3072
hostkey_size_ssh-rsa = 3072
# Group exchange DH modulus sizes.
dh_modulus_size_diffie-hellman-group-exchange-sha256 = 4096
dh_modulus_size_diffie-hellman-group-exchange-sha256 = 8192
# The host key types that must match exactly (order matters).
host keys = rsa-sha2-512, rsa-sha2-256, ssh-rsa, ecdsa-sha2-nistp256, ssh-ed25519