Commit Graph

12 Commits

Author SHA1 Message Date
Joe Testa
263267c5ad Added support for mixed host key/CA key types (i.e.: RSA host keys signed by ED25519 CAs) (#120). 2023-04-25 09:17:32 -04:00
Joe Testa
cc9e4fbc4a Generic failure/warning messages replaced with more specific reasons. SHA-1 algorithms now cause failures. CBC mode ciphers are now warnings instead of failures. 2023-03-23 21:36:02 -04:00
Joe Testa
413dea60ae Fixed docker tests affected by previous commit. 2023-03-21 14:58:00 -04:00
Joe Testa
c9dc9a9c10 Now issues a warning when 2048-bit moduli are encountered. 2023-02-06 16:27:30 -05:00
Joe Testa
c6b8dc97e1 Fixed tests. 2022-02-21 21:48:10 -05:00
Joe Testa
c49a0fb22f Upgraded SHA-1 key signatures from warnings to failures. Added deprecation warning to ssh-rsa-cert-v00@openssh.com, ssh-rsa-cert-v01@openssh.com, x509v3-sign-rsa, and x509v3-ssh-rsa host key types. 2021-02-01 19:19:46 -05:00
Joe Testa
0d9881966c Added version check for OpenSSH user enumeration (CVE-2018-15473). (#83) 2020-11-05 20:24:09 -05:00
Joe Testa
175bd2cf66 Fixed recommendation output function from suppressing some algorithms inappropriately. 2020-10-20 21:34:34 -04:00
Joe Testa
d5ef967758 Upgraded 1024-bit modulus warning to failure. 2020-06-30 22:51:13 -04:00
Joe Testa
c9a2f2955c Marked host key type 'ssh-rsa' as weak due to practical SHA-1 collisions. 2020-02-08 23:56:54 -05:00
Joe Testa
fd3a1f7d41 Added client audit functionality. (#3) 2019-09-27 18:14:36 -04:00
Joe Testa
4f138d7f82 Added docker testing framework. 2019-08-22 16:04:46 -04:00