elie/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2025-06-25 12:04:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added warnings to all key exchanges that do not provide protection against quantum attacks.

Browse Source
This commit is contained in:
Joe Testa
2024-11-25 15:56:51 -05:00
parent a01baadfa8
commit 28a1e23986
26 changed files with 475 additions and 162 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
test/docker/expected_results/dropbear_2019.78_test1.json
View File

@ -116,6 +116,9 @@
"info": [
"default key exchange from OpenSSH 7.4 to 8.9",
"available since OpenSSH 7.4, Dropbear SSH 2018.76"
],
"warn": [
"does not provide protection against post-quantum attacks"
]
}
},
@ -125,6 +128,9 @@
"info": [
"default key exchange from OpenSSH 6.5 to 7.3",
"available since OpenSSH 6.4, Dropbear SSH 2013.62"
],
"warn": [
"does not provide protection against post-quantum attacks"
]
}
},
@ -136,6 +142,9 @@
],
"info": [
"available since OpenSSH 5.7, Dropbear SSH 2013.62"
],
"warn": [
"does not provide protection against post-quantum attacks"
]
}
},
@ -147,6 +156,9 @@
],
"info": [
"available since OpenSSH 5.7, Dropbear SSH 2013.62"
],
"warn": [
"does not provide protection against post-quantum attacks"
]
}
},
@ -158,6 +170,9 @@
],
"info": [
"available since OpenSSH 5.7, Dropbear SSH 2013.62"
],
"warn": [
"does not provide protection against post-quantum attacks"
]
}
},
@ -168,7 +183,8 @@
"available since OpenSSH 7.3, Dropbear SSH 2016.73"
],
"warn": [
"2048-bit modulus only provides 112-bits of symmetric strength"
"2048-bit modulus only provides 112-bits of symmetric strength",
"does not provide protection against post-quantum attacks"
]
}
},
@ -182,7 +198,8 @@
"available since OpenSSH 3.9, Dropbear SSH 0.53"
],
"warn": [
"2048-bit modulus only provides 112-bits of symmetric strength"
"2048-bit modulus only provides 112-bits of symmetric strength",
"does not provide protection against post-quantum attacks"
]
}
},
@ -191,6 +208,9 @@
"notes": {
"info": [
"available since Dropbear SSH 2013.57"
],
"warn": [
"does not provide protection against post-quantum attacks"
]
}
}
@ -349,12 +369,6 @@
"name": "twofish256-ctr",
"notes": ""
}
],
"kex": [
{
"name": "diffie-hellman-group16-sha512",
"notes": ""
}
]
}
},
@ -371,9 +385,21 @@
}
],
"kex": [
{
"name": "curve25519-sha256",
"notes": ""
},
{
"name": "curve25519-sha256@libssh.org",
"notes": ""
},
{
"name": "diffie-hellman-group14-sha256",
"notes": ""
},
{
"name": "kexguess2@matt.ucc.asn.au",
"notes": ""
}
],
"mac": [