From f82c9825d91b7cb2b1d0454274f6e8325132950d Mon Sep 17 00:00:00 2001
From: Andris Raugulis <moo@arthepsy.eu>
Date: Wed, 3 Aug 2016 17:32:46 +0300
Subject: [PATCH] Add new key-exchange algorithms. Use OpenSSH 7.3 banner.

---
 README.md    | 4 ++++
 ssh-audit.py | 5 ++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 65ad32a..c9a373f 100644
--- a/README.md
+++ b/README.md
@@ -21,6 +21,10 @@ Verbose flag will fill each row, i.e, not leave blanks, for easier usage with _b
 ![screenshot](https://cloud.githubusercontent.com/assets/7356025/12120117/fa0ef9f8-b3d7-11e5-9a1b-f410b5217529.png)  
 
 ## ChangeLog
+### v1.0.20160803
+ - use OpenSSH 7.3 banner
+ - add new key-exchange algorithms
+
 ### v1.0.20160207
  - use OpenSSH 7.2 banner
  - additional warnings for OpenSSH 7.2 
diff --git a/ssh-audit.py b/ssh-audit.py
index 1a90d78..1fb00e6 100755
--- a/ssh-audit.py
+++ b/ssh-audit.py
@@ -26,7 +26,7 @@
 from __future__ import print_function
 import os, io, sys, socket, struct, random
 
-SSH_BANNER = 'SSH-2.0-OpenSSH_7.2'
+SSH_BANNER = 'SSH-2.0-OpenSSH_7.3'
 
 def usage():
 	p = os.path.basename(sys.argv[0])
@@ -320,6 +320,9 @@ KEX_DB = {
 	'kex': {
 		'diffie-hellman-group1-sha1': ['2.3.0,d0.28', [FAIL_OPENSSH67_UNSAFE, FAIL_OPENSSH70_LOGJAM], [TEXT_MODULUS_SIZE, TEXT_HASH_WEAK]],
 		'diffie-hellman-group14-sha1': ['3.9,d0.53', [], [TEXT_HASH_WEAK]],
+		'diffie-hellman-group14-sha256': ['7.3,d0216.73', [], []],
+		'diffie-hellman-group16-sha512': ['7.3,d2016.73', [], []],
+		'diffie-hellman-group18-sha512': ['7.3', [], []],
 		'diffie-hellman-group-exchange-sha1': ['2.3.0', [FAIL_OPENSSH67_UNSAFE], [TEXT_HASH_WEAK]],
 		'diffie-hellman-group-exchange-sha256': ['4.4', [], [TEXT_MODULUS_CUSTOM]],
 		'ecdh-sha2-nistp256': ['5.7,d2013.62', [TEXT_CURVES_WEAK]],