Flag 'ssh-rsa-cert-v01@openssh.com' as unsafe due to SHA-1 hash.

2025-12-14 10:52:06 +01:00 · 2020-10-20 17:39:34 -04:00
parent ec48249deb
commit 619efc7349
3 changed files with 3 additions and 2 deletions
--- a/src/ssh_audit/algorithms.py
+++ b/src/ssh_audit/algorithms.py
@@ -179,7 +179,7 @@ class Algorithms:
                    else:
                        if faults == 0:
                            continue
-                        if n in ['diffie-hellman-group-exchange-sha256', 'rsa-sha2-256', 'rsa-sha2-512', 'ssh-rsa-cert-v01@openssh.com']:
+                        if n in ['diffie-hellman-group-exchange-sha256', 'rsa-sha2-256', 'rsa-sha2-512', 'rsa-sha2-256-cert-v01@openssh.com', 'rsa-sha2-512-cert-v01@openssh.com']:
                            rec[sshv][alg_type]['chg'][n] = faults
                        else:
                            rec[sshv][alg_type]['del'][n] = faults