From 521a50a796e209ac5819f7ea77e456ed3dbe8391 Mon Sep 17 00:00:00 2001 From: Joe Testa Date: Mon, 19 Jun 2023 10:35:13 -0400 Subject: [PATCH] Added 'curve448-sha512@libssh.org' kex. (#195) --- README.md | 3 +++ src/ssh_audit/ssh2_kexdb.py | 1 + 2 files changed, 4 insertions(+) diff --git a/README.md b/README.md index c672065..0a34746 100644 --- a/README.md +++ b/README.md @@ -178,6 +178,9 @@ For convenience, a web front-end on top of the command-line tool is available at ## ChangeLog +### v3.0.0-dev (2023-??-??) + - Added 1 new key exchange: `curve448-sha512@libssh.org`. + ### v2.9.0 (2023-04-29) - Dropped support for Python 3.6, as it reached EOL at the end of 2021. - Added Ubuntu Server & Client 22.04 hardening policies. diff --git a/src/ssh_audit/ssh2_kexdb.py b/src/ssh_audit/ssh2_kexdb.py index 07c77d7..0055ea5 100644 --- a/src/ssh_audit/ssh2_kexdb.py +++ b/src/ssh_audit/ssh2_kexdb.py @@ -77,6 +77,7 @@ class SSH2_KexDB: # pylint: disable=too-few-public-methods 'curve25519-sha256': [['7.4,d2018.76'], [], [], [INFO_DEFAULT_OPENSSH_KEX]], 'curve25519-sha256@libssh.org': [['6.4,d2013.62,l10.6.0'], [], [], [INFO_DEFAULT_OPENSSH_KEX]], 'curve448-sha512': [[]], + 'curve448-sha512@libssh.org': [[]], 'diffie-hellman-group14-sha1': [['3.9,d0.53,l10.6.0'], [FAIL_SHA1], [WARN_2048BIT_MODULUS]], 'diffie-hellman-group14-sha224@ssh.com': [[]], 'diffie-hellman-group14-sha256': [['7.3,d2016.73'], [], [WARN_2048BIT_MODULUS]],