Added 6 new host key types: 'spi-sign-rsa', 'ssh-ed448', 'x509v3-ecdsa-sha2-nistp256', 'x509v3-ecdsa-sha2-nistp384', 'x509v3-ecdsa-sha2-nistp521', 'x509v3-rsa2048-sha256'. Added 5 new key exchanges: 'gss-group14-sha256-', 'gss-group15-sha512-', 'gss-group16-sha512-', 'gss-nistp256-sha256-', 'gss-curve25519-sha256-'.

ssh-audit.py

@@ -764,8 +764,13 @@ class SSH2:  # pylint: disable=too-few-public-methods
                 'gss-group1-sha1-': [[], [FAIL_1024BIT_MODULUS], [WARN_HASH_WEAK]],
                 'gss-group14-sha1-': [[], [], [WARN_HASH_WEAK]],
                 'gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==': [[], [], [WARN_HASH_WEAK]],
+                'gss-group14-sha256-': [[]],
                 'gss-group14-sha256-toWM5Slw5Ew8Mqkay+al2g==': [[]],
+                'gss-group15-sha512-': [[]],
                 'gss-group15-sha512-toWM5Slw5Ew8Mqkay+al2g==': [[]],
+                'gss-group16-sha512-': [[]],
+                'gss-nistp256-sha256-': [[], [WARN_CURVES_WEAK]],
+                'gss-curve25519-sha256-': [[]],
                 'diffie-hellman-group1-sha256': [[], [FAIL_1024BIT_MODULUS]],
                 'diffie-hellman-group14-sha1': [['3.9,d0.53,l10.6.0'], [], [WARN_HASH_WEAK]],
                 'diffie-hellman-group14-sha256': [['7.3,d2016.73']],
@@ -846,6 +851,12 @@ class SSH2:  # pylint: disable=too-few-public-methods
                 'ssh-gost2001': [[], [], [WARN_UNTRUSTED]],
                 'ssh-gost2012-256': [[], [], [WARN_UNTRUSTED]],
                 'ssh-gost2012-512': [[], [], [WARN_UNTRUSTED]],
+                'spi-sign-rsa': [[]],
+                'ssh-ed448': [[]],
+                'x509v3-ecdsa-sha2-nistp256': [[], [WARN_CURVES_WEAK]],
+                'x509v3-ecdsa-sha2-nistp384': [[], [WARN_CURVES_WEAK]],
+                'x509v3-ecdsa-sha2-nistp521': [[], [WARN_CURVES_WEAK]],
+                'x509v3-rsa2048-sha256': [[]],
             },
             'enc': {
                 'none': [['1.2.2,d2013.56,l10.2'], [FAIL_PLAINTEXT]],