elie/ssh-audit
1
0
Fork 0
mirror of https://github.com/jtesta/ssh-audit.git synced 2025-06-23 02:54:33 +02:00
Code Issues Packages Projects Releases Wiki Activity

Suppress recommendation of token host key types.

Browse Source
This commit is contained in:
Joe Testa
2020-05-31 11:42:06 -04:00
parent 4b314a55ef
commit edc363db60
2 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
ssh-audit.py
View File

@ -1837,7 +1837,8 @@ class SSH(object): # pylint: disable=too-few-public-methods
if fc > 0:
faults += pow(10, 2 - i) * fc
if n not in alg_list:
if faults > 0 or (alg_type == 'key' and '-cert-' in n) or empty_version:
# Don't recommend certificate or token types; these will only appear in the server's list if they are fully configured & functional on the server.
if faults > 0 or (alg_type == 'key' and (('-cert-' in n) or (n.startswith('sk-')))) or empty_version:
continue
rec[sshv][alg_type]['add'][n] = 0
else: