mirror of
https://github.com/jtesta/ssh-audit.git
synced 2024-11-23 11:01:40 +01:00
Upgraded SHA-1 key signatures from warnings to failures. Added deprecation warning to ssh-rsa-cert-v00@openssh.com, ssh-rsa-cert-v01@openssh.com, x509v3-sign-rsa, and x509v3-ssh-rsa host key types.
This commit is contained in:
parent
dbe14a075e
commit
c49a0fb22f
@ -161,6 +161,8 @@ For convenience, a web front-end on top of the command-line tool is available at
|
||||
### v2.4.0-dev (???)
|
||||
- Added multi-threaded scanning support.
|
||||
- Added version check for OpenSSH user enumeration (CVE-2018-15473).
|
||||
- Added deprecation note to host key types based on SHA-1.
|
||||
- Upgraded warnings to failures for host key types based on SHA-1.
|
||||
- Fixed crash when receiving unexpected response during host key test.
|
||||
- Fixed hang against older Cisco devices during host key test & gex test.
|
||||
- Fixed improper termination while scanning multiple targets when one target returns an error.
|
||||
|
@ -155,12 +155,20 @@ class HostKeyTest:
|
||||
if (cert is False) and (hostkey_modulus_size < 2048):
|
||||
for rsa_type in HostKeyTest.RSA_FAMILY:
|
||||
alg_list = SSH2_KexDB.ALGORITHMS['key'][rsa_type]
|
||||
alg_list.append(['using small %d-bit modulus' % hostkey_modulus_size])
|
||||
|
||||
# If no failure list exists, add an empty failure list.
|
||||
if len(alg_list) < 2:
|
||||
alg_list.append([])
|
||||
alg_list[1].append('using small %d-bit modulus' % hostkey_modulus_size)
|
||||
elif (cert is True) and ((hostkey_modulus_size < 2048) or (ca_modulus_size > 0 and ca_modulus_size < 2048)): # pylint: disable=chained-comparison
|
||||
alg_list = SSH2_KexDB.ALGORITHMS['key'][host_key_type]
|
||||
min_modulus = min(hostkey_modulus_size, ca_modulus_size)
|
||||
min_modulus = min_modulus if min_modulus > 0 else max(hostkey_modulus_size, ca_modulus_size)
|
||||
alg_list.append(['using small %d-bit modulus' % min_modulus])
|
||||
|
||||
# If no failure list exists, add an empty failure list.
|
||||
if len(alg_list) < 2:
|
||||
alg_list.append([])
|
||||
alg_list[1].append('using small %d-bit modulus' % min_modulus)
|
||||
|
||||
# If this host key type is in the RSA family, then mark them all as parsed (since results in one are valid for them all).
|
||||
if host_key_type in HostKeyTest.RSA_FAMILY:
|
||||
|
@ -37,7 +37,7 @@ class SSH2_KexDB: # pylint: disable=too-few-public-methods
|
||||
FAIL_OPENSSH67_UNSAFE = 'removed (in server) since OpenSSH 6.7, unsafe algorithm'
|
||||
FAIL_OPENSSH61_REMOVE = 'removed since OpenSSH 6.1, removed from specification'
|
||||
FAIL_OPENSSH31_REMOVE = 'removed since OpenSSH 3.1'
|
||||
INFO_OPENSSH82_FUTURE_DEPRECATION = 'A future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2'
|
||||
INFO_OPENSSH82_FUTURE_DEPRECATION = 'a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2'
|
||||
FAIL_DBEAR67_DISABLED = 'disabled since Dropbear SSH 2015.67'
|
||||
FAIL_DBEAR53_DISABLED = 'disabled since Dropbear SSH 0.53'
|
||||
FAIL_DEPRECATED_CIPHER = 'deprecated cipher'
|
||||
@ -47,6 +47,7 @@ class SSH2_KexDB: # pylint: disable=too-few-public-methods
|
||||
FAIL_DEPRECATED_MAC = 'deprecated MAC'
|
||||
FAIL_1024BIT_MODULUS = 'using small 1024-bit modulus'
|
||||
FAIL_UNPROVEN = 'using unproven algorithm'
|
||||
FAIL_HASH_WEAK = 'using weak hashing algorithm'
|
||||
WARN_CURVES_WEAK = 'using weak elliptic curves'
|
||||
WARN_RNDSIG_KEY = 'using weak random number generator could reveal the key'
|
||||
WARN_HASH_WEAK = 'using weak hashing algorithm'
|
||||
@ -128,20 +129,20 @@ class SSH2_KexDB: # pylint: disable=too-few-public-methods
|
||||
'rsa-sha2-512': [['7.2']],
|
||||
'ssh-ed25519': [['6.5,l10.7.0']],
|
||||
'ssh-ed25519-cert-v01@openssh.com': [['6.5']],
|
||||
'ssh-rsa': [['2.5.0,d0.28,l10.2'], [WARN_HASH_WEAK], [], [INFO_OPENSSH82_FUTURE_DEPRECATION]],
|
||||
'ssh-rsa': [['2.5.0,d0.28,l10.2'], [FAIL_HASH_WEAK], [], [INFO_OPENSSH82_FUTURE_DEPRECATION]],
|
||||
'ssh-dss': [['2.1.0,d0.28,l10.2', '6.9'], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH70_WEAK], [WARN_RNDSIG_KEY]],
|
||||
'ecdsa-sha2-nistp256': [['5.7,d2013.62,l10.6.4'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]],
|
||||
'ecdsa-sha2-nistp384': [['5.7,d2013.62,l10.6.4'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]],
|
||||
'ecdsa-sha2-nistp521': [['5.7,d2013.62,l10.6.4'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]],
|
||||
'ecdsa-sha2-1.3.132.0.10': [[], [], [WARN_RNDSIG_KEY]], # ECDSA over secp256k1 (i.e.: the Bitcoin curve)
|
||||
'x509v3-sign-dss': [[], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH70_WEAK], [WARN_RNDSIG_KEY]],
|
||||
'x509v3-sign-rsa': [[], [], [WARN_HASH_WEAK]],
|
||||
'x509v3-sign-rsa': [[], [FAIL_HASH_WEAK], [], [INFO_OPENSSH82_FUTURE_DEPRECATION]],
|
||||
'x509v3-sign-rsa-sha256@ssh.com': [[]],
|
||||
'x509v3-ssh-dss': [[], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH70_WEAK], [WARN_RNDSIG_KEY]],
|
||||
'x509v3-ssh-rsa': [[], [], [WARN_HASH_WEAK]],
|
||||
'ssh-rsa-cert-v00@openssh.com': [['5.4', '6.9'], [FAIL_OPENSSH70_LEGACY], []],
|
||||
'x509v3-ssh-rsa': [[], [FAIL_HASH_WEAK], [], [INFO_OPENSSH82_FUTURE_DEPRECATION]],
|
||||
'ssh-rsa-cert-v00@openssh.com': [['5.4', '6.9'], [FAIL_OPENSSH70_LEGACY, FAIL_HASH_WEAK], [], [INFO_OPENSSH82_FUTURE_DEPRECATION]],
|
||||
'ssh-dss-cert-v00@openssh.com': [['5.4', '6.9'], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH70_LEGACY], [WARN_RNDSIG_KEY]],
|
||||
'ssh-rsa-cert-v01@openssh.com': [['5.6'], [WARN_HASH_WEAK]],
|
||||
'ssh-rsa-cert-v01@openssh.com': [['5.6'], [FAIL_HASH_WEAK], [], [INFO_OPENSSH82_FUTURE_DEPRECATION]],
|
||||
'ssh-dss-cert-v01@openssh.com': [['5.6', '6.9'], [FAIL_1024BIT_MODULUS, FAIL_OPENSSH70_WEAK], [WARN_RNDSIG_KEY]],
|
||||
'ecdsa-sha2-nistp256-cert-v01@openssh.com': [['5.7'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]],
|
||||
'ecdsa-sha2-nistp384-cert-v01@openssh.com': [['5.7'], [WARN_CURVES_WEAK], [WARN_RNDSIG_KEY]],
|
||||
|
@ -23,8 +23,9 @@
|
||||
[0;33m `- [warn] using weak random number generator could reveal the key[0m
|
||||
`- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
|
||||
[0;31m(key) ssh-rsa (1024-bit) -- [fail] using weak hashing algorithm[0m
|
||||
[0;33m `- [warn] using small 1024-bit modulus[0m
|
||||
[0;31m `- [fail] using small 1024-bit modulus[0m
|
||||
`- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
|
||||
`- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
|
||||
[0;31m(key) ssh-dss -- [fail] using small 1024-bit modulus[0m
|
||||
[0;31m `- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm[0m
|
||||
[0;33m `- [warn] using weak random number generator could reveal the key[0m
|
||||
|
@ -40,8 +40,9 @@
|
||||
|
||||
[0;36m# host-key algorithms[0m
|
||||
[0;31m(key) ssh-rsa (1024-bit) -- [fail] using weak hashing algorithm[0m
|
||||
[0;33m `- [warn] using small 1024-bit modulus[0m
|
||||
[0;31m `- [fail] using small 1024-bit modulus[0m
|
||||
`- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
|
||||
`- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
|
||||
[0;31m(key) ssh-dss -- [fail] using small 1024-bit modulus[0m
|
||||
[0;31m `- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm[0m
|
||||
[0;33m `- [warn] using weak random number generator could reveal the key[0m
|
||||
|
@ -34,8 +34,9 @@
|
||||
|
||||
[0;36m# host-key algorithms[0m
|
||||
[0;31m(key) ssh-rsa (1024-bit) -- [fail] using weak hashing algorithm[0m
|
||||
[0;33m `- [warn] using small 1024-bit modulus[0m
|
||||
[0;31m `- [fail] using small 1024-bit modulus[0m
|
||||
`- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
|
||||
`- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
|
||||
[0;31m(key) ssh-dss -- [fail] using small 1024-bit modulus[0m
|
||||
[0;31m `- [fail] removed (in server) and disabled (in client) since OpenSSH 7.0, weak algorithm[0m
|
||||
[0;33m `- [warn] using weak random number generator could reveal the key[0m
|
||||
|
@ -34,11 +34,13 @@
|
||||
|
||||
[0;36m# host-key algorithms[0m
|
||||
[0;31m(key) ssh-rsa (1024-bit) -- [fail] using weak hashing algorithm[0m
|
||||
[0;33m `- [warn] using small 1024-bit modulus[0m
|
||||
[0;31m `- [fail] using small 1024-bit modulus[0m
|
||||
`- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
|
||||
`- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
|
||||
[0;31m(key) ssh-rsa-cert-v01@openssh.com (1024-bit cert/1024-bit CA) -- [fail] using weak hashing algorithm[0m
|
||||
[0;33m `- [warn] using small 1024-bit modulus[0m
|
||||
[0;31m `- [fail] using small 1024-bit modulus[0m
|
||||
`- [info] available since OpenSSH 5.6
|
||||
`- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
|
||||
|
||||
[0;36m# encryption algorithms (ciphers)[0m
|
||||
[0;32m(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52[0m
|
||||
|
@ -34,11 +34,13 @@
|
||||
|
||||
[0;36m# host-key algorithms[0m
|
||||
[0;31m(key) ssh-rsa (1024-bit) -- [fail] using weak hashing algorithm[0m
|
||||
[0;33m `- [warn] using small 1024-bit modulus[0m
|
||||
[0;31m `- [fail] using small 1024-bit modulus[0m
|
||||
`- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
|
||||
`- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
|
||||
[0;31m(key) ssh-rsa-cert-v01@openssh.com (1024-bit cert/3072-bit CA) -- [fail] using weak hashing algorithm[0m
|
||||
[0;33m `- [warn] using small 1024-bit modulus[0m
|
||||
[0;31m `- [fail] using small 1024-bit modulus[0m
|
||||
`- [info] available since OpenSSH 5.6
|
||||
`- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
|
||||
|
||||
[0;36m# encryption algorithms (ciphers)[0m
|
||||
[0;32m(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52[0m
|
||||
|
@ -35,9 +35,11 @@
|
||||
[0;36m# host-key algorithms[0m
|
||||
[0;31m(key) ssh-rsa (3072-bit) -- [fail] using weak hashing algorithm[0m
|
||||
`- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
|
||||
`- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
|
||||
[0;31m(key) ssh-rsa-cert-v01@openssh.com (3072-bit cert/1024-bit CA) -- [fail] using weak hashing algorithm[0m
|
||||
[0;33m `- [warn] using small 1024-bit modulus[0m
|
||||
[0;31m `- [fail] using small 1024-bit modulus[0m
|
||||
`- [info] available since OpenSSH 5.6
|
||||
`- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
|
||||
|
||||
[0;36m# encryption algorithms (ciphers)[0m
|
||||
[0;32m(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52[0m
|
||||
|
@ -35,8 +35,10 @@
|
||||
[0;36m# host-key algorithms[0m
|
||||
[0;31m(key) ssh-rsa (3072-bit) -- [fail] using weak hashing algorithm[0m
|
||||
`- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
|
||||
`- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
|
||||
[0;31m(key) ssh-rsa-cert-v01@openssh.com (3072-bit cert/3072-bit CA) -- [fail] using weak hashing algorithm[0m
|
||||
`- [info] available since OpenSSH 5.6
|
||||
`- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
|
||||
|
||||
[0;36m# encryption algorithms (ciphers)[0m
|
||||
[0;32m(enc) aes128-ctr -- [info] available since OpenSSH 3.7, Dropbear SSH 0.52[0m
|
||||
|
@ -25,6 +25,7 @@
|
||||
[0;32m(key) rsa-sha2-256 (3072-bit) -- [info] available since OpenSSH 7.2[0m
|
||||
[0;31m(key) ssh-rsa (3072-bit) -- [fail] using weak hashing algorithm[0m
|
||||
`- [info] available since OpenSSH 2.5.0, Dropbear SSH 0.28
|
||||
`- [info] a future deprecation notice has been issued in OpenSSH 8.2: https://www.openssh.com/txt/release-8.2
|
||||
[0;31m(key) ecdsa-sha2-nistp256 -- [fail] using weak elliptic curves[0m
|
||||
[0;33m `- [warn] using weak random number generator could reveal the key[0m
|
||||
`- [info] available since OpenSSH 5.7, Dropbear SSH 2013.62
|
||||
|
@ -147,7 +147,7 @@ class TestSSH2:
|
||||
self.audit(out, self._conf())
|
||||
out.write()
|
||||
lines = output_spy.flush()
|
||||
assert len(lines) == 69
|
||||
assert len(lines) == 70
|
||||
|
||||
def test_ssh2_server_invalid_first_packet(self, output_spy, virtual_socket):
|
||||
vsocket = virtual_socket
|
||||
|
Loading…
Reference in New Issue
Block a user