elie/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2024-11-16 13:35:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added two new host key types: 'rsa-sha2-256-cert-v01@openssh.com' and 'rsa-sha2-512-cert-v01@openssh.com'.

Browse Source
This commit is contained in:
Joe Testa 2019-11-14 16:45:40 -05:00
parent dae92513fd
commit 2cff202b32
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -53,7 +53,7 @@ Below is a screen shot of the client-auditing output when an unhardened OpenSSH
## ChangeLog
### v2.2.0 (???)
- ???
- Added two new host key types: `rsa-sha2-256-cert-v01@openssh.com`, `rsa-sha2-512-cert-v01@openssh.com`.
### v2.1.0 (2019-11-14)
- Added client software auditing functionality (see `-c` / `--client-audit` option).

2
ssh-audit.py
View File

@ -386,6 +386,8 @@ class SSH2(object): # pylint: disable=too-few-public-methods
'ecdsa-sha2-nistp256-cert-v01@openssh.com': [['5.7'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistp384-cert-v01@openssh.com': [['5.7'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]],
'ecdsa-sha2-nistp521-cert-v01@openssh.com': [['5.7'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]],
'rsa-sha2-256-cert-v01@openssh.com': [['7.8']],
'rsa-sha2-512-cert-v01@openssh.com': [['7.8']],
'ssh-rsa-sha256@ssh.com': [[]],
'ecdsa-sha2-1.3.132.0.10': [[], [], [WARN_RNDSIG_KEY]], # ECDSA over secp256k1 (i.e.: the Bitcoin curve)
},