From d5ef967758ce31d0031bcd17703b044acc439440 Mon Sep 17 00:00:00 2001 From: Joe Testa Date: Tue, 30 Jun 2020 22:51:13 -0400 Subject: [PATCH] Upgraded 1024-bit modulus warning to failure. --- README.md | 1 + ssh-audit.py | 19 ++++++++++--------- .../dropbear_2019.78_test1.txt | 4 ++-- .../expected_results/openssh_4.0p1_test1.txt | 8 ++++---- .../expected_results/openssh_5.6p1_test1.txt | 8 ++++---- .../expected_results/openssh_5.6p1_test2.txt | 4 ++-- .../expected_results/openssh_5.6p1_test3.txt | 4 ++-- .../expected_results/openssh_5.6p1_test4.txt | 4 ++-- .../expected_results/openssh_5.6p1_test5.txt | 4 ++-- 9 files changed, 29 insertions(+), 27 deletions(-) diff --git a/README.md b/README.md index dbc6aa1..2cb9677 100644 --- a/README.md +++ b/README.md @@ -75,6 +75,7 @@ $ brew install ssh-audit ## ChangeLog ### v2.2.1-dev (???) + - 1024-bit moduli upgraded from warnings to failures. - Many Python 2 code clean-ups, testing framework improvements, pylint & flake8 fixes, and mypy type comments; credit [Jürgen Gmach](https://github.com/jugmac00)). - Suppress recommendation of token host key types. - Added 1 new host key types: `ssh-rsa1`. diff --git a/ssh-audit.py b/ssh-audit.py index 77ad74a..e4dfa4c 100755 --- a/ssh-audit.py +++ b/ssh-audit.py @@ -636,9 +636,9 @@ class SSH2: # pylint: disable=too-few-public-methods FAIL_WEAK_ALGORITHM = 'using weak/obsolete algorithm' FAIL_PLAINTEXT = 'no encryption/integrity' FAIL_DEPRECATED_MAC = 'deprecated MAC' + FAIL_1024BIT_MODULUS = 'using small 1024-bit modulus' WARN_CURVES_WEAK = 'using weak elliptic curves' WARN_RNDSIG_KEY = 'using weak random number generator could reveal the key' - WARN_MODULUS_SIZE = 'using small 1024-bit modulus' WARN_HASH_WEAK = 'using weak hashing algorithm' WARN_CIPHER_MODE = 'using weak cipher mode' WARN_BLOCK_SIZE = 'using small 64-bit block size' @@ -651,8 +651,8 @@ class SSH2: # pylint: disable=too-few-public-methods ALGORITHMS = { # Format: 'algorithm_name': [['version_first_appeared_in'], [reason_for_failure1, reason_for_failure2, ...], [warning1, warning2, ...]] 'kex': { - 'diffie-hellman-group1-sha1': [['2.3.0,d0.28,l10.2', '6.6', '6.9'], [FAIL_OPENSSH67_UNSAFE, FAIL_OPENSSH70_LOGJAM], [WARN_MODULUS_SIZE, WARN_HASH_WEAK]], - 'gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==': [[], [FAIL_OPENSSH67_UNSAFE, FAIL_OPENSSH70_LOGJAM], [WARN_MODULUS_SIZE, WARN_HASH_WEAK]], + 'diffie-hellman-group1-sha1': [['2.3.0,d0.28,l10.2', '6.6', '6.9'], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH67_UNSAFE, FAIL_OPENSSH70_LOGJAM], [WARN_HASH_WEAK]], + 'gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==': [[], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH67_UNSAFE, FAIL_OPENSSH70_LOGJAM], [WARN_HASH_WEAK]], 'gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==': [[], [], [WARN_HASH_WEAK]], 'gss-gex-sha1-': [[], [], [WARN_HASH_WEAK]], 'gss-group1-sha1-': [[], [], [WARN_HASH_WEAK]], @@ -660,6 +660,7 @@ class SSH2: # pylint: disable=too-few-public-methods 'gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==': [[], [], [WARN_HASH_WEAK]], 'gss-group14-sha256-toWM5Slw5Ew8Mqkay+al2g==': [[]], 'gss-group15-sha512-toWM5Slw5Ew8Mqkay+al2g==': [[]], + 'diffie-hellman-group1-sha256': [[], ], 'diffie-hellman-group14-sha1': [['3.9,d0.53,l10.6.0'], [], [WARN_HASH_WEAK]], 'diffie-hellman-group14-sha256': [['7.3,d2016.73']], 'diffie-hellman-group14-sha256@ssh.com': [[]], @@ -696,7 +697,7 @@ class SSH2: # pylint: disable=too-few-public-methods 'curve25519-sha256': [['7.4,d2018.76']], 'curve448-sha512': [[]], 'kexguess2@matt.ucc.asn.au': [['d2013.57']], - 'rsa1024-sha1': [[], [], [WARN_MODULUS_SIZE, WARN_HASH_WEAK]], + 'rsa1024-sha1': [[], [FAIL_1024BIT_MODULUS], [WARN_HASH_WEAK]], 'rsa2048-sha256': [[]], 'sntrup4591761x25519-sha512@tinyssh.org': [['8.0'], [], [WARN_EXPERIMENTAL]], 'ext-info-c': [[]], # Extension negotiation (RFC 8308) @@ -709,20 +710,20 @@ class SSH2: # pylint: disable=too-few-public-methods 'ssh-ed25519': [['6.5,l10.7.0']], 'ssh-ed25519-cert-v01@openssh.com': [['6.5']], 'ssh-rsa': [['2.5.0,d0.28,l10.2'], [WARN_HASH_WEAK]], - 'ssh-dss': [['2.1.0,d0.28,l10.2', '6.9'], [FAIL_OPENSSH70_WEAK], [WARN_MODULUS_SIZE, WARN_RNDSIG_KEY]], + 'ssh-dss': [['2.1.0,d0.28,l10.2', '6.9'], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH70_WEAK], [WARN_RNDSIG_KEY]], 'ecdsa-sha2-nistp256': [['5.7,d2013.62,l10.6.4'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]], 'ecdsa-sha2-nistp384': [['5.7,d2013.62,l10.6.4'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]], 'ecdsa-sha2-nistp521': [['5.7,d2013.62,l10.6.4'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]], 'ecdsa-sha2-1.3.132.0.10': [[], [], [WARN_RNDSIG_KEY]], # ECDSA over secp256k1 (i.e.: the Bitcoin curve) - 'x509v3-sign-dss': [[], [FAIL_OPENSSH70_WEAK], [WARN_MODULUS_SIZE, WARN_RNDSIG_KEY]], + 'x509v3-sign-dss': [[], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH70_WEAK], [WARN_RNDSIG_KEY]], 'x509v3-sign-rsa': [[], [], [WARN_HASH_WEAK]], 'x509v3-sign-rsa-sha256@ssh.com': [[]], - 'x509v3-ssh-dss': [[], [FAIL_OPENSSH70_WEAK], [WARN_MODULUS_SIZE, WARN_RNDSIG_KEY]], + 'x509v3-ssh-dss': [[], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH70_WEAK], [WARN_RNDSIG_KEY]], 'x509v3-ssh-rsa': [[], [], [WARN_HASH_WEAK]], 'ssh-rsa-cert-v00@openssh.com': [['5.4', '6.9'], [FAIL_OPENSSH70_LEGACY], []], - 'ssh-dss-cert-v00@openssh.com': [['5.4', '6.9'], [FAIL_OPENSSH70_LEGACY], [WARN_MODULUS_SIZE, WARN_RNDSIG_KEY]], + 'ssh-dss-cert-v00@openssh.com': [['5.4', '6.9'], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH70_LEGACY], [WARN_RNDSIG_KEY]], 'ssh-rsa-cert-v01@openssh.com': [['5.6']], - 'ssh-dss-cert-v01@openssh.com': [['5.6', '6.9'], [FAIL_OPENSSH70_WEAK], [WARN_MODULUS_SIZE, WARN_RNDSIG_KEY]], + 'ssh-dss-cert-v01@openssh.com': [['5.6', '6.9'], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH70_WEAK], [WARN_RNDSIG_KEY]], 'ecdsa-sha2-nistp256-cert-v01@openssh.com': [['5.7'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]], 'ecdsa-sha2-nistp384-cert-v01@openssh.com': [['5.7'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]], 'ecdsa-sha2-nistp521-cert-v01@openssh.com': [['5.7'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]], diff --git a/test/docker/expected_results/dropbear_2019.78_test1.txt b/test/docker/expected_results/dropbear_2019.78_test1.txt index 4029afc..9679fe4 100644 --- a/test/docker/expected_results/dropbear_2019.78_test1.txt +++ b/test/docker/expected_results/dropbear_2019.78_test1.txt @@ -25,8 +25,8 @@ (key) ssh-rsa (1024-bit) -- [fail] using weak hashing algorithm  `- [warn] using small 1024-bit modulus `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28 -(key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm - `- [warn] using small 1024-bit modulus +(key) ssh-dss -- [fail] using small 1024-bit modulus + `- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm  `- [warn] using weak random number generator could reveal the key `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28 diff --git a/test/docker/expected_results/openssh_4.0p1_test1.txt b/test/docker/expected_results/openssh_4.0p1_test1.txt index fb7c724..9e9b4d2 100644 --- a/test/docker/expected_results/openssh_4.0p1_test1.txt +++ b/test/docker/expected_results/openssh_4.0p1_test1.txt @@ -31,9 +31,9 @@ `- [info] available since OpenSSH 2.3.0 (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53 -(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm +(kex) diffie-hellman-group1-sha1 -- [fail] using small 1024-bit modulus + `- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm  `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack - `- [warn] using small 1024-bit modulus  `- [warn] using weak hashing algorithm `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28 @@ -41,8 +41,8 @@ (key) ssh-rsa (1024-bit) -- [fail] using weak hashing algorithm  `- [warn] using small 1024-bit modulus `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28 -(key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm - `- [warn] using small 1024-bit modulus +(key) ssh-dss -- [fail] using small 1024-bit modulus + `- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm  `- [warn] using weak random number generator could reveal the key `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28 diff --git a/test/docker/expected_results/openssh_5.6p1_test1.txt b/test/docker/expected_results/openssh_5.6p1_test1.txt index ca3074d..f2361ca 100644 --- a/test/docker/expected_results/openssh_5.6p1_test1.txt +++ b/test/docker/expected_results/openssh_5.6p1_test1.txt @@ -25,9 +25,9 @@ `- [info] available since OpenSSH 2.3.0 (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53 -(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm +(kex) diffie-hellman-group1-sha1 -- [fail] using small 1024-bit modulus + `- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm  `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack - `- [warn] using small 1024-bit modulus  `- [warn] using weak hashing algorithm `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28 @@ -35,8 +35,8 @@ (key) ssh-rsa (1024-bit) -- [fail] using weak hashing algorithm  `- [warn] using small 1024-bit modulus `- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28 -(key) ssh-dss -- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm - `- [warn] using small 1024-bit modulus +(key) ssh-dss -- [fail] using small 1024-bit modulus + `- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm  `- [warn] using weak random number generator could reveal the key `- [info] available since OpenSSH 2.1.0, Dropbear SSH 0.28 diff --git a/test/docker/expected_results/openssh_5.6p1_test2.txt b/test/docker/expected_results/openssh_5.6p1_test2.txt index bc3bcfa..59808a9 100644 --- a/test/docker/expected_results/openssh_5.6p1_test2.txt +++ b/test/docker/expected_results/openssh_5.6p1_test2.txt @@ -25,9 +25,9 @@ `- [info] available since OpenSSH 2.3.0 (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53 -(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm +(kex) diffie-hellman-group1-sha1 -- [fail] using small 1024-bit modulus + `- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm  `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack - `- [warn] using small 1024-bit modulus  `- [warn] using weak hashing algorithm `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28 diff --git a/test/docker/expected_results/openssh_5.6p1_test3.txt b/test/docker/expected_results/openssh_5.6p1_test3.txt index 0a23fa8..62a8fa3 100644 --- a/test/docker/expected_results/openssh_5.6p1_test3.txt +++ b/test/docker/expected_results/openssh_5.6p1_test3.txt @@ -25,9 +25,9 @@ `- [info] available since OpenSSH 2.3.0 (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53 -(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm +(kex) diffie-hellman-group1-sha1 -- [fail] using small 1024-bit modulus + `- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm  `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack - `- [warn] using small 1024-bit modulus  `- [warn] using weak hashing algorithm `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28 diff --git a/test/docker/expected_results/openssh_5.6p1_test4.txt b/test/docker/expected_results/openssh_5.6p1_test4.txt index ca183fa..eeb363e 100644 --- a/test/docker/expected_results/openssh_5.6p1_test4.txt +++ b/test/docker/expected_results/openssh_5.6p1_test4.txt @@ -25,9 +25,9 @@ `- [info] available since OpenSSH 2.3.0 (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53 -(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm +(kex) diffie-hellman-group1-sha1 -- [fail] using small 1024-bit modulus + `- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm  `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack - `- [warn] using small 1024-bit modulus  `- [warn] using weak hashing algorithm `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28 diff --git a/test/docker/expected_results/openssh_5.6p1_test5.txt b/test/docker/expected_results/openssh_5.6p1_test5.txt index 111921f..3373e92 100644 --- a/test/docker/expected_results/openssh_5.6p1_test5.txt +++ b/test/docker/expected_results/openssh_5.6p1_test5.txt @@ -25,9 +25,9 @@ `- [info] available since OpenSSH 2.3.0 (kex) diffie-hellman-group14-sha1 -- [warn] using weak hashing algorithm `- [info] available since OpenSSH 3.9, Dropbear SSH 0.53 -(kex) diffie-hellman-group1-sha1 -- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm +(kex) diffie-hellman-group1-sha1 -- [fail] using small 1024-bit modulus + `- [fail] removed (in server) since OpenSSH 6.7, unsafe algorithm  `- [fail] disabled (in client) since OpenSSH 7.0, logjam attack - `- [warn] using small 1024-bit modulus  `- [warn] using weak hashing algorithm `- [info] available since OpenSSH 2.3.0, Dropbear SSH 0.28