elie/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2024-06-30 11:14:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added two new key exchanges: 'kexAlgoCurve25519SHA256' and 'Curve25519SHA256'.

Browse Source
This commit is contained in:
Joe Testa 2020-07-28 21:17:29 -04:00
parent 41e69dd6f2
commit 6a7bed06d7
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -90,7 +90,7 @@ $ brew install ssh-audit
- Suppress recommendation of token host key types.
- Added check for use-after-free vulnerability in PuTTY v0.73.
- Added 5 new host key types: `ssh-rsa1`, `ssh-dss-sha256@ssh.com`, `ssh-gost2001`, `ssh-gost2012-256`, `ssh-gost2012-512`.
- Added 1 new key exchange: `diffie-hellman-group1-sha256`.
- Added 3 new key exchanges: `diffie-hellman-group1-sha256`, `kexAlgoCurve25519SHA256`, `Curve25519SHA256`.
- Added 5 new ciphers: `blowfish`, `AEAD_AES_128_GCM`, `AEAD_AES_256_GCM`, `crypticore128@ssh.com`, `seed-cbc@ssh.com`.
- Added 3 new MACs: `chacha20-poly1305@openssh.com`, `hmac-sha3-224`, `crypticore-mac@ssh.com`.

2
ssh-audit.py
View File

@ -753,6 +753,8 @@ class SSH2: # pylint: disable=too-few-public-methods
'rsa1024-sha1': [[], [FAIL_1024BIT_MODULUS], [WARN_HASH_WEAK]],
'rsa2048-sha256': [[]],
'sntrup4591761x25519-sha512@tinyssh.org': [['8.0'], [], [WARN_EXPERIMENTAL]],
'kexAlgoCurve25519SHA256': [[]],
'Curve25519SHA256': [[]],
'ext-info-c': [[]], # Extension negotiation (RFC 8308)
'ext-info-s': [[]], # Extension negotiation (RFC 8308)
},