elie/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2025-11-04 03:02:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Output fingerprint (defaults to SHA256 format).

Browse Source
This commit is contained in:
Andris Raugulis
2016-09-17 20:37:03 +03:00
parent 684ea315ec
commit 3421c8e294
1 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
ssh-audit.py
View File

@@ -1233,6 +1233,25 @@ def output_security(banner, padlen):
out.sep() out.sep()
def output_fingerprint(kex, pkm, sha256=True, padlen=0):
with OutputBuffer() as obuf:
fps = []
if pkm is not None:
name = 'ssh-rsa1'
fp = SSH.Fingerprint(pkm.host_key_fingerprint_data)
bits = pkm.host_key_bits
fps.append((name, fp, bits))
for fpp in fps:
name, fp, bits = fpp
fp = fp.sha256 if sha256 else fp.md5
p = '' if out.batch else ' ' * (padlen - len(name))
out.good('(fin) {0}{1} -- {2} {3}'.format(name, p, bits, fp))
if len(obuf) > 0:
out.head('# fingerprints')
obuf.flush()
out.sep()
def output(banner, header, kex=None, pkm=None): def output(banner, header, kex=None, pkm=None):
sshv = 1 if pkm else 2 sshv = 1 if pkm else 2
with OutputBuffer() as obuf: with OutputBuffer() as obuf:
@@ -1289,6 +1308,7 @@ def output(banner, header, kex=None, pkm=None):
output_algorithms(title, adb, atype, kex.server.encryption, maxlen) output_algorithms(title, adb, atype, kex.server.encryption, maxlen)
title, atype = 'message authentication code algorithms', 'mac' title, atype = 'message authentication code algorithms', 'mac'
output_algorithms(title, adb, atype, kex.server.mac, maxlen) output_algorithms(title, adb, atype, kex.server.mac, maxlen)
output_fingerprint(kex, pkm, True, maxlen)
def parse_int(v): def parse_int(v):