elie/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2024-06-28 10:23:08 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added two new MACs: 'AEAD_AES_128_GCM', and 'AEAD_AES_256_GCM'.

Browse Source
This commit is contained in:
Joe Testa 2021-06-28 21:59:41 -04:00
parent 45da9f20ae
commit 98a1fb0315
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -183,7 +183,7 @@ For convenience, a web front-end on top of the command-line tool is available at
- Added `-d`/`--debug` option for getting debugging output; credit [Adam Russell](https://github.com/thecliguy).
- Updated JSON output to include MD5 fingerprints. Note that this results in a breaking change in the 'fingerprints' dictionary format.
- Updated OpenSSH 8.1 (and earlier) policies to include `rsa-sha2-512` and `rsa-sha2-256`.
- Added 1 new MAC: `hmac-ripemd160-96`.
- Added 3 new MACs: `hmac-ripemd160-96`, `AEAD_AES_128_GCM`, and `AEAD_AES_256_GCM`.
### v2.4.0 (2021-02-23)
- Added multi-threaded scanning support.

2
src/ssh_audit/ssh2_kexdb.py
View File

@ -271,5 +271,7 @@ class SSH2_KexDB: # pylint: disable=too-few-public-methods
'aes256-gcm': [[]],
'chacha20-poly1305@openssh.com': [[]], # Despite the @openssh.com tag, this was never shipped as a MAC in OpenSSH (only as a cipher); it is only implemented as a MAC in Syncplify.
'crypticore-mac@ssh.com': [[], [FAIL_UNPROVEN]],
'AEAD_AES_128_GCM': [[]],
'AEAD_AES_256_GCM': [[]],
}
}